Apache ZooKeeper: 3.6.4 → 3.7.2
Apache · upgrade impact · Official site ↗
Fixed by upgrading to 3.7.2 iVulnerabilities that affect 3.6.4 but no longer affect 3.7.2 — the security gain from this upgrade, by exploited status then exploitation probability.
Exploited first, then by exploitation probability (EPSS).
CVE-2023-44981 CRITICAL EPSS 2% ✓ cleared in 3.7.2Still open in 3.7.2 iKnown vulnerabilities that affect 3.7.2 too — upgrading to it does not clear these.
These affect 3.7.2 as well — a later release may be needed.
CVE-2024-23944 MEDIUM EPSS 0% → fixed in 3.9.2