You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@ignite.apache.org by "Lo, Marcus " <ma...@citi.com> on 2022/02/21 07:15:46 UTC

h2 vulnerability CVE-2021-23463

Hi,

Is Ignite impacted by h2 vulnerability CVE-2021-23463? Thanks.

https://nvd.nist.gov/vuln/detail/CVE-2021-23463

Regards,
Marcus

Re: h2 vulnerability CVE-2021-23463

Posted by Maksim Timonin <ti...@apache.org>.

Hi Marcus,

> The package com.h2database:h2 from 1.4.198 and before 2.0.202 are
vulnerable to XML

Ignite uses version 1.4.197, so Ignite isn't impacted by this CVE.

Maksim

On Mon, Feb 21, 2022 at 10:16 AM Lo, Marcus <ma...@citi.com> wrote:

> Hi,
>
>
>
> Is Ignite impacted by h2 vulnerability CVE-2021-23463? Thanks.
>
>
>
> https://nvd.nist.gov/vuln/detail/CVE-2021-23463
>
>
>
> Regards,
>
> Marcus
>
>
>