CRITICAL9.1CVE-2024-51504Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server >= 3.9.0, < 3.9.3
from 0, < 3.7.2, >= 3.8.0, < 3.8.3 | >= 3.9.0, <= 3.9.0
HIGH7.5CVE-2026-24308Apache ZooKeeper has improper handling of configuration values >= 3.8.0, < 3.8.6, >= 3.9.0, < 3.9.5
HIGH7.4Apache ZooKeeper: Reverse-DNS fallback enables hostname verification bypass in ZooKeeper ZKTrustManager
>= 3.8.0, < 3.8.6, >= 3.9.0, < 3.9.5
MEDIUM5.9Possible request smuggling in HTTP/2 due missing validation
>= 3.5.9, < 3.5.10
MEDIUM5.3Apache ZooKeeper vulnerable to information disclosure in persistent watchers handling
>= 3.6.0, < 3.8.4, >= 3.9.0, < 3.9.2
MEDIUM4.3Apache ZooKeeper: Insufficient Permission Check in AdminServer Snapshot/Restore Commands
>= 3.9.0, < 3.9.4