Vulnerabilities > Apache > Ignite > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-1963 | Missing Authorization vulnerability in Apache Ignite Apache Ignite uses H2 database to build SQL distributed execution engine. | 9.1 |
| 2018-07-20 | CVE-2018-8018 | Deserialization of Untrusted Data vulnerability in Apache Ignite In Apache Ignite before 2.4.8 and 2.5.x before 2.5.3, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. | 9.8 |
| 2018-04-11 | CVE-2018-1273 | Injection vulnerability in multiple products Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. | 9.8 |
| 2018-04-02 | CVE-2018-1295 | Deserialization of Untrusted Data vulnerability in Apache Ignite In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. | 9.8 |