Uploaded image for project: 'Ignite'
  1. Ignite
  2. IGNITE-8471

Apache ignite for .NET has security vulnerabilities

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.4
    • Fix Version/s: 2.5
    • Component/s: security
    • Labels:

      Description

      There are two security vulnerabilities in the latest 2.4.0 version.

      1. commons-beanutils-1.8.3.jar.  Here is the vulnerability id CVE-2014-0114 :  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114

      Resolution to this issue is: All Commons BeanUtils users should upgrade to the latest version >= commons-beanutils-1.9.2

      1. commons-codec-1.6.jar: Here is the vulnerability detail https://issues.apache.org/jira/browse/CODEC-96

      Resolution to this issue is: To upgrade to the latest available Version 1.11

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                agura Andrey N. Gura
                Reporter:
                hkrai77 Harendra Rai
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: