Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
Important
Description
Recently we have scanned Apache Ignite 2.5 source code and all the associated maven packages using Blackduck. The scan identified with many of the dependencies for Ignite 2.5. Many of these vulnerabilities are rated as High risk vulnerabilities. I've attached the vulnerability report to this ticket.
Attachments
Attachments
Issue Links
- incorporates
-
IGNITE-9035 Update log4j 2x version in Apache Ignite
- Resolved
-
IGNITE-9036 Update FasterXML jackson-databind dependency version in Apache Ignite
- Resolved
-
IGNITE-9046 Actualize dependency versions for Cassandra Cache Store
- Resolved
-
IGNITE-9057 Update JCraft dependency version in Apache Ignite
- Resolved
-
IGNITE-9058 Update Apache Tomcat dependency version
- Resolved
-
IGNITE-9073 Ignite modules should use jackson2 dependency rater then jackson1
- Resolved
-
IGNITE-9349 Update Spring Data 2x and 1x and Spring 5x and 4x versions
- Resolved
-
IGNITE-9123 Update Apache commons-collections in ignite-yarn module
- Resolved
-
IGNITE-9126 Update Apache Kafka dependency
- Resolved
-
IGNITE-9131 Upgrade guava version in Apache Ignite
- Resolved
-
IGNITE-9132 Update Apache Camel dependency version
- Resolved
- is related to
-
IGNITE-9340 Update Jetty version in Apache Ignite (ignite-rest-http)
- Resolved
- relates to
-
IGNITE-9495 Upgrade lucene dependency version.
- Resolved