Vulnerabilities (CVE)

Vendor filter

H2database Subscribe


2 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-14335 1 H2database 1 H2 2018-09-20 4.0
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
CVE-2018-10054 1 H2database 1 H2 2018-05-22 6.5
H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code.