VYPR

Ignite

by Apache

Source repositories

CVEs (3)

  • CVE-2017-7686HigJun 28, 2017
    risk 0.49cvss 7.5epss 0.03

    Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server (http://ignite.run)…

  • CVE-2025-48977MedMay 28, 2026
    risk 0.42cvss 6.5epss 0.01

    Relative Path Traversal vulnerability in Apache Ignite REST API. Authenticated REST API users can read any file on the server with "cmd=log" command and a log path crafted in a certain way. This issue affects Apache Ignite: from 2.0.0 through 2.17.0. Users are recommended to…

  • CVE-2016-6805MedApr 7, 2017
    risk 0.39cvss 5.9epss 0.02

    Apache Ignite before 1.9 allows man-in-the-middle attackers to read arbitrary files via XXE in modified update-notifier documents.