You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ignite.apache.org by "Lo, Marcus " <ma...@citi.com> on 2022/02/21 07:15:46 UTC
h2 vulnerability CVE-2021-23463
Hi,
Is Ignite impacted by h2 vulnerability CVE-2021-23463? Thanks.
https://nvd.nist.gov/vuln/detail/CVE-2021-23463
Regards,
Marcus
Re: h2 vulnerability CVE-2021-23463
Posted by Maksim Timonin <ti...@apache.org>.
Hi Marcus,
> The package com.h2database:h2 from 1.4.198 and before 2.0.202 are
vulnerable to XML
Ignite uses version 1.4.197, so Ignite isn't impacted by this CVE.
Maksim
On Mon, Feb 21, 2022 at 10:16 AM Lo, Marcus <ma...@citi.com> wrote:
> Hi,
>
>
>
> Is Ignite impacted by h2 vulnerability CVE-2021-23463? Thanks.
>
>
>
> https://nvd.nist.gov/vuln/detail/CVE-2021-23463
>
>
>
> Regards,
>
> Marcus
>
>
>