OESA-2024-2600

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2600

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2024-2600.json

JSON Data

https://api.test.osv.dev/v1/vulns/OESA-2024-2600

Upstream

CVE-2024-51504

Published

2024-12-27T12:33:58Z

Modified

2025-08-12T05:46:37.101187Z

Summary

zookeeper security update

Details

ZooKeeper is a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services.

Security Fix(es):

A vulnerability has been found in Apache ZooKeeper up to 3.9.2 and classified as critical. This vulnerability affects some unknown processing of the component HTTP Request Header Handler. Upgrading to version 3.9.3 eliminates this vulnerability.(CVE-2024-51504)

Database specific

{
    "severity": "Critical"
}

References

Affected packages

openEuler:24.03-LTS / zookeeper

Package

Name: zookeeper
Purl: pkg:rpm/openEuler/zookeeper&distro=openEuler-24.03-LTS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.9.3-1.oe2403

Ecosystem specific

{
    "src": [
        "zookeeper-3.9.3-1.oe2403.src.rpm"
    ],
    "x86_64": [
        "zookeeper-3.9.3-1.oe2403.x86_64.rpm"
    ],
    "aarch64": [
        "zookeeper-3.9.3-1.oe2403.aarch64.rpm"
    ]
}