Youlong Chen

Name of the Vulnerable Software and Affected Versions Apache Cassandra versions 4.0 through 4.0.19, 4.1 through 4.1.10, and 5.0 through 5.0.6 Description An authenticated user can cause increased query latencies through repeated password changes in Apache Cassandra. This issue affects versions 4.0, 4.1, and 5.0. Recommendations Upgrade to version 4.0.20 Upgrade to version 4.1.11 Upgrade to version 5.0.7

**Name of the Vulnerable Software and Affected Versions** Apache ZooKeeper versions 3.8.5 and 3.9.4 **Description** An issue exists in Apache ZooKeeper where improper handling of configuration values in ZKConfig can lead to the exposure of sensitive information. Specifically, client configuration data stored in the client's logfile may be revealed to an attacker. This occurs because configuration values are logged at the INFO level, potentially impacting production systems. **Recommendations** Upgrade to Apache ZooKeeper version 3.8.6 or 3.9.5 to resolve this issue.