Description
The ignite-rest-http module includes a vulnerable version of the log4j library. It also appears to include slf4j. Why does the REST API include its own logging libraries?
This was spotted in 2.8.1 but still appears to be an issue in master and 2.9.
More here:
Attachments
Issue Links
- is cloned by
-
IGNITE-13601 Ignite-rest-http and ignite-kubernetes include vulnerable dependencies
- Resolved
- links to