[jira] [Commented] (IGNITE-16542) Ignite h2 security vulnerabilities

Yury Gerzhedovich (Jira) Thu, 17 Feb 2022 23:43:04 -0800


    [ 
https://issues.apache.org/jira/browse/IGNITE-16542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17494433#comment-17494433
 ]


Yury Gerzhedovich commented on IGNITE-16542:
--------------------------------------------

CVE-2018-10054 - duplicate of IGNITE-11765 and not a problem
CVE-2018-14335 - duplicate of IGNITE-11765 and not a problem
CVE-2021-42392  - covered by IGNITE-11333
CVE-2022-23221, CVE-2021-23463 - Unfortunately, update to the newest H2 version 
is not possible, since H2 removed the Ignite support ( 
https://github.com/h2database/h2database/pull/2227 ) . 

> Ignite h2 security vulnerabilities
> ----------------------------------
>
>                 Key: IGNITE-16542
>                 URL: https://issues.apache.org/jira/browse/IGNITE-16542
>             Project: Ignite
>          Issue Type: Bug
>    Affects Versions: 2.12
>            Reporter: Pratiksha P
>            Priority: Major
>
> I face below vulnaribilities while using ignite 2.12.0 or 2.11.0 version
>  # CVE-2018-10054
>  # CVE-2018-14335
>  # CVE-2022-23221
>  # CVE-2021-42392
>  # CVE-2021-23463
> Is there is any solution available for above issues.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (IGNITE-16542) Ignite h2 security vulnerabilities

Reply via email to