CVE-2021-28163, GHSA-j6qj-j888-vvgq
maven/org.apache.ignite/ignite-core
Improper Link Resolution Before File Access
In Eclipse Jetty, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory.
All versions before 2.1.1
Upgrade to version 2.2.0 or above.
2021-09-20
source |