Latest version: v3.46.0.6
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| PVE-2024-72502 | 72502 |
H2o 3.46.0.4 updates its MAVEN dependency 'com.fasterxml.jackson.core… |
|
- | - |
| CVE-2023-35116 | 72503 |
H2o 3.46.0.4 updates its MAVEN dependency 'com.fasterxml.jackson.core… |
|
MEDIUM | 4.7 |
| PVE-2023-63047 | 63047 |
H2o 3.44.0.2 updates its MAVEN dependency org.python:jython due to a … |
|
- | - |
| CVE-2022-45693 | 59332 |
H2o 3.44.0.1 updates its MAVEN dependency 'org.codehaus.jettison:jett… |
|
HIGH | 7.5 |
| CVE-2022-40149 | 72501 |
H2o 3.44.0.1 updates its MAVEN dependency 'org.codehaus.jettison:jett… |
|
HIGH | 7.5 |
| CVE-2023-1370 | 59335 |
H2o 3.44.0.1 updates its MAVEN dependency 'net.minidev:json-smart' to… |
|
HIGH | 7.5 |
| CVE-2022-40150 | 59334 |
H2o 3.44.0.1 updates its MAVEN dependency 'org.codehaus.jettison:jett… |
|
HIGH | 7.5 |
| CVE-2023-1436 | 59331 |
H2o 3.44.0.1 updates its MAVEN dependency 'org.codehaus.jettison:jett… |
|
HIGH | 7.5 |
| CVE-2022-45685 | 59333 |
H2o 3.44.0.1 updates its MAVEN dependency 'org.codehaus.jettison:jett… |
|
HIGH | 7.5 |
| PVE-2023-60620 | 60620 |
H2o 3.42.0.3 deletes its MAVEN dependency 'no.priv.garshol.duke:duke'… |
|
- | - |
| CVE-2023-2976 | 59320 |
H2o 3.42.0.1 updates its MAVEN dependency 'guava' to '32.0.1-jre' to … |
|
HIGH | 7.1 |
| CVE-2022-3509 | 59337 |
H2o 3.38.0.4 updates its dependency 'com.google.cloud:google-cloud-st… |
|
HIGH | 7.5 |
| CVE-2022-42003 | 59338 |
H2o 3.38.0.2 updates its MAVEN dependency 'com.fasterxml.jackson.core… |
|
HIGH | 7.5 |
| CVE-2022-42889 | 59339 |
H2o 3.38.0.2 updates its MAVEN dependency 'org.apache.commons:commons… |
|
CRITICAL | 9.8 |
| CVE-2022-25647 | 59343 |
H2o 3.36.1.3 updates its MAVEN dependency 'com.google.code.gson:gson'… |
|
HIGH | 7.5 |
| CVE-2021-44832 | 44451 |
H2o 3.36.0.1 updates its MAVEN dependency 'log4j' to v2.17.1 to fix a… |
|
MEDIUM | 6.6 |
| CVE-2021-45105 | 43439 |
H2o 3.34.0.7 updates its MAVEN dependency 'log4j' to version 2.17.0 t… |
|
MEDIUM | 5.9 |
| CVE-2021-44228 | 43397 |
H2o 3.34.0.7 updates its MAVEN dependency 'log4j' to version 2.17.0 t… |
|
CRITICAL | 10.0 |
| CVE-2021-45046 | 43398 |
H2o 3.34.0.7 updates its MAVEN dependency 'log4j' to version 2.17.0 t… |
|
CRITICAL | 9.0 |
| CVE-2023-6569 | 65214 |
Affected versions of H2o are vulnerable to External Control of File N… |
|
HIGH | 8.2 |
| CVE-2024-5550 | 72522 |
Affected versions of H2o are vulnerable to Exposure of Sensitive Info… |
|
MEDIUM | 5.3 |
| CVE-2024-5979 | 72091 |
Affected versions of H2o are vulnerable to CVE-2024-5979: The 'run_to… |
|
- | - |