You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ignite.apache.org by Ilya Korol <ll...@gmail.com> on 2021/11/03 07:50:01 UTC
RE: CVE-2021-2816[3,4,5] vulnerabilities and Ignite 2.8.1
I guess so. If vulnerability present in particular JAR by excluding this
JAR from classpath, CVE should not affect you environment.
On 2021/10/27 12:58:12 Dana Milan wrote:
> Hi,
> .
> Can anyone provide a clarification of how jetty is being used by Ignite
> 2.8.1 and whether there is another way to avoid its vulnerabilities when
> using Ignite besides upgrading to a newer Ignite version?
> To be more specific, if I don't enable REST API (by not moving
> ignite-rest-http from libs/optional to libs directory), will it eliminate
> these vulnerabilities from my Ignite node?
>
> Thanks a lot,
> Dana
>