[
https://issues.apache.org/jira/browse/IGNITE-11765?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alexey Goncharuk updated IGNITE-11765:
--------------------------------------
Ignite Flags: (was: Docs Required)
> Vulnerable library H2 Database Engine1.4.197 used
> -------------------------------------------------
>
> Key: IGNITE-11765
> URL: https://issues.apache.org/jira/browse/IGNITE-11765
> Project: Ignite
> Issue Type: Bug
> Affects Versions: 2.7
> Reporter: VIJAY BHATT
> Priority: Major
>
> We use blackduck for scanning our project. It has identified Ignite 2.7.0
> using H2 Database Engine version 1.4.197 as a vulnerable library having the
> following 2 vulnerabilities:
> BDSA-2018-1048 (CVE-2018-10054)
> BDSA-2018-2507 (CVE-2018-14335)
> Suggested fix by blackduck is to use version 1.4.198
> We tried using 1.4.198 using jar override but it has some breaking changes.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
