Latest version: v3.46.0.2
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| PVE-2023-63047 | 63047 |
H2o 3.44.0.2 upgrades the org.python:jython due to a Use After Free v… |
|
- | - |
| PVE-2023-60620 | 60620 |
H2o 3.42.0.3 includes a fix for an Arbitrary Code Execution vulnerabi… |
|
- | - |
| CVE-2020-29582 | 59328 |
H2o 3.42.0.1 updates its dependency 'kotlin-stdlib' to '1.4.32' to fi… |
|
MEDIUM | 5.3 |
| CVE-2023-26049 | 59330 |
H2o 3.42.0.1 updates its dependency 'jetty' to '9.4.51.v20230217' to … |
|
MEDIUM | 5.3 |
| CVE-2023-2976 | 59320 |
H2o 3.42.0.1 updates its dependency 'guava' to '32.0.1-jre' to fix CV… |
|
HIGH | 7.1 |
| CVE-2022-40150 | 59334 |
H2o 3.42.0.1 updates its dependency 'jettison' to '1.5.4' to fix CVE-… |
|
HIGH | 7.5 |
| CVE-2022-45685 | 59333 |
H2o 3.42.0.1 updates its dependency 'jettison' to '1.5.4' to fix CVE-… |
|
HIGH | 7.5 |
| CVE-2023-1436 | 59331 |
H2o 3.42.0.1 updates its dependency 'jettison' to '1.5.4' to fix CVE-… |
|
HIGH | 7.5 |
| CVE-2023-26048 | 59329 |
H2o 3.42.0.1 updates its dependency 'jetty' to '9.4.51.v20230217' to … |
|
MEDIUM | 5.3 |
| CVE-2022-45693 | 59332 |
H2o 3.42.0.1 updates its dependency 'jettison' to '1.5.4' to fix CVE-… |
|
HIGH | 7.5 |
| CVE-2023-6569 | 65214 |
Remote unauthenticated attackers can overwrite arbitrary server files… |
|
HIGH | 8.2 |
| CVE-2023-1370 | 59335 |
H2o 3.40.0.4 updates its dependency 'json-smart' to '2.4.10' to fix C… |
|
HIGH | 7.5 |
| CVE-2014-125087 | 59336 |
H2o 3.40.0.3 removes its dependency 'jets3t' to fix CVE-2014-125087. … |
|
CRITICAL | 9.8 |
| CVE-2022-3509 | 59337 |
H2o 3.38.0.4 updates its dependency 'google-cloud-storage' to '2.13.1… |
|
HIGH | 7.5 |
| CVE-2022-42889 | 59339 |
H2o 3.38.0.2 updates its dependency 'commons-text' to '1.10.0' to fix… |
|
CRITICAL | 9.8 |
| CVE-2022-42003 | 59338 |
H2o 3.38.0.2 updates its dependency 'jackson-databind' to '2.13.4.2' … |
|
HIGH | 7.5 |
| CVE-2021-22573 | 59340 |
H2o 3.36.1.4 updates its dependency AWS Java SDK to '1.12.127' to fix… |
|
HIGH | 7.3 |
| CVE-2019-10172 | 59342 |
H2o 3.36.1.4 updates its dependency 'jetty' to '9.4.48.v20220622' to … |
|
HIGH | 7.5 |
| CVE-2022-25647 | 59343 |
H2o 3.36.1.3 updates its dependency 'gson' to '2.9.0' to fix CVE-2022… |
|
HIGH | 7.5 |
| CVE-2021-44832 | 44451 |
H2o 3.36.0.1 updates its dependency 'log4j' to v2.17.1 to fix a mediu… |
|
MEDIUM | 6.6 |
| CVE-2021-45046 | 43398 |
H2o 3.34.0.7 updates its dependency 'log4j' to v2.17.0 to fix critica… |
|
CRITICAL | 9.0 |
| CVE-2021-44228 | 43397 |
H2o 3.34.0.7 updates its dependency 'log4j' to v2.17.0 to fix critica… |
|
CRITICAL | 10.0 |
| CVE-2021-45105 | 43439 |
H2o 3.34.0.7 updates its dependency 'log4j' to v2.17.0 to fix critica… |
|
MEDIUM | 5.9 |