Vulnerabilities (CVE)

Vendor filter

H2database Subscribe


2 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-14335 1 H2database 1 H2 2019-10-03 4.0
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
CVE-2018-10054 2 H2database, Cognitect 2 H2, Datomic 2019-10-02 6.5
H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code.