By the Year
In 2022 there have been 0 vulnerabilities in Apache Bookkeeper . Last year Bookkeeper had 1 security vulnerability published. Right now, Bookkeeper is on track to have less security vulnerabilities in 2022 than it did last year.
It may take a day or so for new Bookkeeper vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apache Bookkeeper Security Vulnerabilities
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element
7.5 - High
- January 26, 2021
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.
SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c
5.3 - Medium
- December 24, 2019
SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.
Improper Handling of Exceptional Conditions
Included in Log4j 1.2 is a SocketServer class
9.8 - Critical
- December 20, 2019
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.