VYPR

apk package

chainguard/zookeeper-bitnami-3.9-compat

pkg:apk/chainguard/zookeeper-bitnami-3.9-compat

Vulnerabilities (7)

  • CVE-2025-11226MedOct 1, 2025
    affected < 3.9.4.2-r3fixed 3.9.4.2-r3

    ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.18 in Java applications, allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment varia

  • CVE-2025-58057Sep 3, 2025
    affected < 3.9.4-r0fixed 3.9.4-r0

    Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with s

  • CVE-2025-25193Feb 10, 2025
    affected < 0fixed 0

    Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts

  • CVE-2025-24970Feb 10, 2025
    affected < 3.9.3-r0fixed 3.9.3-r0

    Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cas

  • CVE-2024-47535Nov 12, 2024
    affected < 0fixed 0

    Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application

  • CVE-2024-8184Oct 14, 2024
    affected < 3.9.3-r0fixed 3.9.3-r0

    There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's

  • CVE-2023-6378Nov 29, 2023
    affected < 3.9.1.0-r7fixed 3.9.1.0-r7

    A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.