2 matches found
com.ecfront.dew:cluster-spi-ignite (>=1.0.0 <=1.1.4), com.ecfront:ezf-message (>=3.0.0-beta1 <=3.0.0-beta3) +103 more potentially affected by CVE-2017-7686 via org.apache.ignite:ignite-core (>=1.0.0-RC1 <=2.0.0)
org.apache.ignite:ignite-core MAVEN version =1.0.0-RC1, =1.0.0, =3.0.0-beta1, =0.0.1, =1.0, =1.1.0-RELEASE, =1.0.0-RELEASE, =1.0.0-RELEASE, =0.0.5, =0.0.5, =0.0.5, =0.0.8 and more Source cves: CVE-2017-7686 Source advisory: OSV:GHSA-8P83-68CW-943F...
CVE-2017-7686
Apache Ignite versions 1.0.0-RC3 through 2.0 are affected by an information disclosure vulnerability stemming from an update notifier that communicates to an external PHP server (ignite.run) and transmits system properties (e.g., Ignite/Java version) that may contain user‑sensitive information. I...