Ignite is not affected. The description says "Applications that use UriComponentsBuilder...", and we do not use UriComponentsBuilder at all, not a single match in the source code [1]
[1] https://github.com/search?q=repo%3Aapache%2Fignite%20UriComponentsBuilder&type=code On Thu, Feb 29, 2024 at 6:13 AM David Horton <dhorton.in...@gmail.com> wrote: > Hi Team, > > Could you please advise if Ignite 2.14/2.15 is vulnerable to > https://spring.io/security/cve-2024-22243 and if so whether a patch is > planned? > > Thanks. >