Apache Ignite release notes contain details about fixes including CVEs addressed. https://github.com/apache/ignite/blob/master/RELEASE_NOTES.txt
Current known vulnerabilities are determined by vulnerability testing, which differs depending on who (test/scan tool vendor, stakeholder/user) does the testing. All scanner tools are different, and most support configurable policy around what to recognize and what to report. GridGain performs security audits of commercial distributions, but the Ignite community is responsible to perform its own testing. Some public vulnerability scan reports are available. YMMV: https://security.snyk.io/package/maven/org.apache.ignite:ignite-core On Thu, Aug 1, 2024 at 7:53 PM Vishy Ramaswamy <[email protected]> wrote: > Hi All, > We are trying out Apache Ignite version 2.16.0. I want to know where I can > get information about what vulnerabilities (CVE) got addressed in 2.16.0 as > well as what are the current known vulnerabilities on 2.16 (if any). > Appreciate the help and thanks in advance for your response > > Vishy > > > Vishy Ramaswamy > Modernization Architect | Workload Automation > Mainframe Division | Broadcom > > mobile: +1.236.638.9672 > > CAN-British Columbia Remote Location > > [email protected] | broadcom.com > > This electronic communication and the information and any files > transmitted with it, or attached to it, are confidential and are intended > solely for the use of the individual or entity to whom it is addressed and > may contain information that is confidential, legally privileged, protected > by privacy laws, or otherwise restricted from disclosure to anyone else. If > you are not the intended recipient or the person responsible for delivering > the e-mail to the intended recipient, you are hereby notified that any use, > copying, distributing, dissemination, forwarding, printing, or copying of > this e-mail is strictly prohibited. If you received this e-mail in error, > please return the e-mail to the sender, delete it from your computer, and > destroy any printed copy of it.
