VYPR
Vendor

H2database

Products
2
CVEs
1
Across products
1
Status
Private

Products

2

Recent CVEs

1
  • CVE-2021-42392CriJan 10, 2022
    risk 0.69cvss 9.8epss 0.63

    The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited…