Uploaded image for project: 'Ignite'
  1. Ignite
  2. IGNITE-8471

Apache ignite for .NET has security vulnerabilities

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.4
    • 2.5
    • security

    Description

      There are two security vulnerabilities in the latest 2.4.0 version.

      1. commons-beanutils-1.8.3.jar.  Here is the vulnerability id CVE-2014-0114 :  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114

      Resolution to this issue is: All Commons BeanUtils users should upgrade to the latest version >= commons-beanutils-1.9.2

      1. commons-codec-1.6.jar: Here is the vulnerability detail https://issues.apache.org/jira/browse/CODEC-96

      Resolution to this issue is: To upgrade to the latest available Version 1.11

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. IGNITE-8472 Apache ignite for .NET has security vulnerabilities

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved
          links to

          Web Link GitHub Pull Request #3984

          Activity

            People

              agura Andrey N. Gura
              hkrai77 Harendra Rai
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: