Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-4390

Backport ZOOKEEPER-4337 for branch-3.5 and branch-3.6

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 3.5.9
    • None
    • security

    Description

      Our security tool raised the following security flaws on zookeeper 3.5.9: 

      CVE-2021-28163: https://nvd.nist.gov/vuln/detail/CVE-2021-28163

      CVE-2021-28169: https://nvd.nist.gov/vuln/detail/CVE-2021-28169

      CVE-2021-34428: https://nvd.nist.gov/vuln/detail/CVE-2021-34428

       

      It is a vulnerability related to jar jetty-http-9.4.35.v20201120.jar

      Attachments

        Issue Links

          relates to

          Task - A task that needs to be done. ZOOKEEPER-4337 CVE-2021-34429 in jetty 9.4.38.v20210224 in zookeeper 3.7.0

          • Major - Major loss of function.
          • Closed
          links to

          Web Link Github Pull Request #1768

          Web Link Github Pull Request #1769

          Activity

            People

              ananysin Ananya Singh
              ananysin Ananya Singh
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: