Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-17617

Upgrade H2 to 2.0.2 (or higher) for Wildfly 26.1.3 (CVE-2021-23463)

XMLWordPrintable

    • Icon: Component Upgrade Component Upgrade
    • Resolution: Won't Do
    • Icon: Major Major
    • None
    • 26.1.3.Final
    • JCA, JPA / Hibernate
    • None
    • ---
    • ---

      Trivy reports several CRITICAL vulnerability issues with Wildfly 26.1.3.Final. One of which (CVE-2021-23463) deals with H2. This vulnerability appears to have been resolved already for Wildfly 27: WFLY-16737. We're however still depended on 26. Could you please upgrade H2 for that version as well?

       

       

       

              tadamski@redhat.com Tomasz Adamski
              tom.gilissen Tom Gilissen (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: