CVE-2017-5637

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-5637
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-5637.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-5637
Aliases
Downstream
Related
Published
2017-10-10T01:30:22Z
Modified
2025-08-09T20:01:27Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10, 3.5.3, and later.

References

Affected packages

Git / github.com/apache/zookeeper

Affected ranges

Type
GIT
Repo
https://github.com/apache/zookeeper
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1285c982c0d6c1621cbc40343679b8f3f05978cb
Last affected
207a838684634327f272eeed0e67eb681db7f1aa
Last affected
2109aca0fa091222434a8895e2533a26b770ad05
Last affected
22dd197a0327eef989feaf2109e5e7371624f743
Last affected
3f572f0a3568ad21d7a1175ecde007b222c74cf4
Last affected
5963ae5a9d1ce53915ffd5855c1f6b20317631d2
Last affected
59adfa23fb6c1b9034283d6fc09cd7a4a8e6e0b1
Last affected
6182d6b97793d6ade69fdbf640b426f672fa3c0c
Last affected
b06fee00646549f7616ee0f48f20a7e7da5844af
Last affected
b3119273f9a16274ed9e1f87418a765b130e1063
Last affected
e0d8cb65658fa8b56c4c0eec5dd8044e7ac4fb7f
Last affected
f0b33bd9064bce87b029690b82b26b192bde8eba
Last affected
f1c2e3ad35128d766e30e05350c95d6362b2d2cc