Spring released a vulnerability https://spring.io/security/cve-2024-22243
Ignite latest https://ignite.apache.org/download.cgi is 2.16.0
So "Ignite release 2.16 is using spring 5.2.2" But are we really vulnerable.
I am trying to understand that the Ignite is vulnerable or not, If yes what are the steps to mitigate the same.
It's vulnerable in the sense that it appears to use a version of Spring with that CVE. However, it's not vulnerable in the sense that it's unlikely to use that API.