Hi, It looks like all the recent versions of Apache Ignite ( apache ignite indexing) depends on H2 version 1.4.197. This version has at least 2 CVE’s : https://nvd.nist.gov/vuln/detail/CVE-2018-10054 https://nvd.nist.gov/vuln/detail/CVE-2018-14335
I do understand that not all above CVE’s can be exploited due to a way Ignite uses H2 but still : Is there any plans to upgrade to version that doesn’t has those ? Thank You, Vladik
