priya Vijay created ZOOKEEPER-4285: -------------------------------------- Summary: High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1 Key: ZOOKEEPER-4285 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4285 Project: ZooKeeper Issue Type: Bug Reporter: priya Vijay
On running clair scanner for Zookeeper 3.6.1, the following high priority vulnerability is reported: CVE-2019-25013 [https://nvd.nist.gov/vuln/detail/CVE-2019-25013] details: The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read -- This message was sent by Atlassian Jira (v8.3.4#803005)