[CVE-2018-1273] Apache Ignite impacted by security vulnerability in Spring Data Commons

Severity: Important Vendor: The Apache Software Foundation Versions Affected: * Apache Ignite 1.0.0-RC3 to 2.5 Impact: An unauthenticated remote malicious user (or attacker) can issue requests against Spring Data REST or Spring Data Description: Apache Ignite utilizes Spring Data Common

[ANNOUNCE] Apache Qpid JMS AMQP 0-x 6.3.2 released

The Apache Qpid (http://qpid.apache.org) community is pleased to announce the immediate availability of Apache Qpid JMS AMQP 0-x 6.3.2. This is the latest release of our legacy JMS client supporting AMQP 0-8, 0-9, 0-9-1 and 0-10. The release is available now from our website:

[CVE-2018-8018] Possible Execution of Arbitrary Code via Apache Ignite GridClientJdkMarshaller

Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Ignite 2.5 and earlier Impact: An attacker can execute arbitrary code on Ignite nodes via GridClientJdkMarshaller deserialization endpoint in the case when Ignite classpath contains arbitrary vulnerable