Denial of Service by ReDOS in h2oai/h2o-3
Description
A vulnerability in the /3/Parse endpoint of h2oai/h2o-3 version 3.46.0.1 allows for a denial of service (DoS) attack. The endpoint uses a user-specified string to construct a regular expression, which is then applied to another user-specified string. By sending multiple simultaneous requests, an attacker can exhaust all available threads, leading to a complete denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2024-10549 describes a DoS vulnerability in H2O-3's /3/Parse endpoint where user-supplied regex input can exhaust all threads via multiple simultaneous requests.
The vulnerability resides in the /3/Parse endpoint of h2oai/h2o-3 version 3.46.0.1. The root cause is that the endpoint uses a user-specified string to construct a regular expression, which is then applied to another user-specified string. This design allows an attacker to trigger expensive regex operations that can consume significant processing resources, especially when multiple concurrent requests are made [1][2].
Exploitation
An attacker can exploit this vulnerability without any prior authentication by sending multiple simultaneous requests to the /3/Parse endpoint. By carefully crafting the input strings, the attacker can force the application to spend excessive time evaluating the user-controlled regex, thereby exhausting all available worker threads. The attack does not require any special network position beyond reachability of the H2O-3 instance [2][4].
Impact
Successful exploitation leads to a complete denial of service (DoS). The H2O-3 server becomes unable to process further legitimate requests as all threads are blocked by the malicious regex evaluations. This renders the machine learning platform and its services unavailable until the attack ceases or the server is restarted [2].
Mitigation
The vulnerability has been acknowledged by the project. Users are advised to update to a patched version of H2O-3 as soon as it becomes available. As of the publication date, the issue is tracked and further details can be found in the Huntr bounty report [4] and related source code [3].
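As an added example (not H2O-3's own code, and not the project's eventual fix, which this page does not describe), the following Java shows a generic hardening pattern for the design described above, where one user-supplied string is compiled into a regular expression and applied to another user-supplied string. It caps the pattern and input lengths and wraps the input in a CharSequence that aborts the match once a wall-clock budget is spent, so a pathological pattern cannot pin a worker thread indefinitely. The class names, the numeric limits and the sample strings are assumptions chosen for illustration.

```java
// File: BoundedRegex.java  (run with: java BoundedRegex.java)
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;

/** Caps on user-controlled pattern and input. The values are illustrative, not H2O-3's. */
final class BoundedRegex {
    static final int MAX_PATTERN_LENGTH = 256;
    static final int MAX_INPUT_LENGTH = 64 * 1024;
    static final long BUDGET_MILLIS = 100;

    private BoundedRegex() {}

    /** Returns whether userPattern occurs in userInput; throws if a bound or the time budget is exceeded. */
    static boolean find(String userPattern, String userInput) {
        if (userPattern.length() > MAX_PATTERN_LENGTH) {
            throw new IllegalArgumentException("pattern longer than " + MAX_PATTERN_LENGTH + " chars");
        }
        if (userInput.length() > MAX_INPUT_LENGTH) {
            throw new IllegalArgumentException("input longer than " + MAX_INPUT_LENGTH + " chars");
        }
        final Pattern compiled;
        try {
            compiled = Pattern.compile(userPattern);
        } catch (PatternSyntaxException e) {
            throw new IllegalArgumentException("invalid pattern: " + e.getDescription(), e);
        }
        // The matcher reads the input only through the deadline-checking wrapper.
        Matcher m = compiled.matcher(new DeadlineCharSequence(userInput, BUDGET_MILLIS));
        return m.find();   // aborts with RegexTimeoutException once the budget is spent
    }

    public static void main(String[] args) {
        // Constructed sample: a well-behaved pattern finishes normally.
        System.out.println("benign: " + find("^[a-z]+,[0-9]+$", "col,42"));

        // Constructed sample: the textbook nested-quantifier pattern on an input that
        // cannot match backtracks exponentially; the deadline cuts it off.
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < 40; i++) sb.append('a');
        sb.append('!');
        try {
            find("(a+)+$", sb.toString());
            System.out.println("pathological: completed within budget");
        } catch (RegexTimeoutException e) {
            System.out.println("pathological: " + e.getMessage());
        }
    }
}

/** Signals that a regex evaluation ran past its time budget. */
final class RegexTimeoutException extends RuntimeException {
    RegexTimeoutException(String message) { super(message); }
}

/**
 * CharSequence wrapper that checks a wall-clock deadline on every charAt() call.
 * java.util.regex reads its input through the CharSequence interface, so a
 * backtracking engine stuck in a pathological pattern hits this check on every
 * character it re-reads and is aborted instead of blocking a worker thread.
 */
final class DeadlineCharSequence implements CharSequence {
    private final CharSequence inner;
    private final long deadlineNanos;

    DeadlineCharSequence(CharSequence inner, long budgetMillis) {
        this(inner, System.nanoTime() + budgetMillis * 1_000_000L);
    }

    private DeadlineCharSequence(CharSequence inner, long deadlineNanos) {
        this.inner = inner;
        this.deadlineNanos = deadlineNanos;
    }

    @Override
    public char charAt(int index) {
        if (System.nanoTime() - deadlineNanos > 0) {
            throw new RegexTimeoutException("regex evaluation exceeded its time budget");
        }
        return inner.charAt(index);
    }

    @Override public int length() { return inner.length(); }

    @Override
    public CharSequence subSequence(int start, int end) {
        // Sub-sequences inherit the same absolute deadline rather than a fresh budget.
        return new DeadlineCharSequence(inner.subSequence(start, end), deadlineNanos);
    }

    @Override public String toString() { return inner.toString(); }
}
```

The deadline only bounds matching, not `Pattern.compile`, which is why the pattern length cap sits in front of it; the budget and length limits should be tuned to the legitimate workload, and the endpoint should surface the abort as a client error rather than retrying. Serving such requests from a separate, bounded thread pool additionally keeps a burst of slow evaluations from starving the rest of the server.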
- [1] GitHub - h2oai/h2o-3: H2O is an Open Source, Distributed, Fast & Scalable Machine Learning Platform: Deep Learning, Gradient Boosting (GBM) & XGBoost, Random Forest, Generalized Linear Modeling (GLM with Elastic Net), K-Means, PCA, Generalized Additive Models (GAM), RuleFit, Support Vector Machine (SVM), Stacked Ensembles, Automatic Machine Learning (AutoML), etc.
- [2] NVD - CVE-2024-10549
- [3] h2o-3/h2o-core/src/main/java/water/api/ParseHandler.java at 51c25940ded8b7d0acc8f3f72329fd9dedbb3a34 · h2oai/h2o-3
- [4] Huntr - The world's first bug bounty platform for AI/ML
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| h2o (PyPI) | >= 3.30.0.7, <= 3.46.0.1 | — |
| ai.h2o:h2o-core (Maven) | >= 3.30.0.7, <= 3.46.0.1 | — |
Affected products (4)
- ghsa-coords (2 versions): >= 3.30.0.7, <= 3.46.0.1, + 1 more
- (no CPE) range: >= 3.30.0.7, <= 3.46.0.1
- (no CPE) range: >= 3.30.0.7, <= 3.46.0.1
- h2oai/h2oai/h2o-3 (v5): range unspecified
Patches (0)
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References (4)
News mentions (0)
No linked articles in our index yet.