Apache ZooKeeper versions 3.6.4-r4 vulnerable to security issue

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Apache ZooKeeper versions 3.6.4-r4 vulnerable to security issue

CLEANSTART-2026-BB02574

Summary

Apache ZooKeeper versions 3.6.4-r4 contain a security vulnerability that could allow unauthorized access to sensitive data. To protect your system, update to a newer version of Apache ZooKeeper that has this issue fixed.

What to do

Update apache-zookeeper to version 3.6.4-r4.

Affected software

Vendor	Product	Affected versions	Fix available
–	apache-zookeeper	<= 3.6.4-r4	3.6.4-r4

Original title

Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4

Original description

Security vulnerability affects the apache-zookeeper package. This issue is resolved in later releases. See references for vulnerability details.

https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advis... Vendor Advisory
https://osv.dev/vulnerability/ghsa-72hv-8253-57qq URL

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 9 Apr 2026