Vulnerabilities > Apache > Bookkeeper > 4.7.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-15 | CVE-2022-32531 | Unspecified vulnerability in Apache Bookkeeper The Apache Bookkeeper Java Client (before 4.14.6 and also 4.15.0) does not close the connection to the bookkeeper server when TLS hostname verification fails. | 5.9 |
| 2019-12-20 | CVE-2019-17571 | Deserialization of Untrusted Data vulnerability in multiple products Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. | 9.8 |