High severity7.5NVD Advisory· Published Jul 21, 2024· Updated Apr 15, 2026

CVE-2024-6960

Description

The H2O machine learning platform uses "Iced" classes as the primary means of moving Java Objects around the cluster. The Iced format supports inclusion of serialized Java objects. When a model is deserialized, any class is allowed to be deserialized (no class whitelist). An attacker can construct a crafted Iced model that uses Java gadgets and leads to arbitrary code execution when imported to the H2O platform.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
ai.h2o:h2o-coreMaven	<= 3.46.0.4	—

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/advisories/GHSA-w36w-948j-xhfwghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2024-6960ghsaADVISORY
mvnrepository.com/artifact/ai.h2o/h2o-corenvdWEB
research.jfrog.com/vulnerabilities/h2o-model-deserialization-rce-jfsa-2024-001035518ghsaWEB
research.jfrog.com/vulnerabilities/h2o-model-deserialization-rce-jfsa-2024-001035518/nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000