Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/com.h2database/h2@2.1.214
Typemaven
Namespacecom.h2database
Nameh2
Version2.1.214
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.2.220
Latest_non_vulnerable_version2.2.220
Affected_by_vulnerabilities
0
url VCID-ahev-cr9q-g3d3
vulnerability_id VCID-ahev-cr9q-g3d3
summary 
Password exposure in H2 Database
The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user (or an attacker that has obtained local access through some means) would be able to discover the password by listing processes and their arguments. NOTE: the vendor states "This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that."
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45868
reference_id
reference_type
scores
0
value 0.00293
scoring_system epss
scoring_elements 0.52608
published_at 2026-04-08T12:55:00Z
1
value 0.00293
scoring_system epss
scoring_elements 0.52574
published_at 2026-04-29T12:55:00Z
2
value 0.00293
scoring_system epss
scoring_elements 0.52612
published_at 2026-04-26T12:55:00Z
3
value 0.00293
scoring_system epss
scoring_elements 0.52601
published_at 2026-04-24T12:55:00Z
4
value 0.00293
scoring_system epss
scoring_elements 0.52651
published_at 2026-04-21T12:55:00Z
5
value 0.00293
scoring_system epss
scoring_elements 0.52666
published_at 2026-04-18T12:55:00Z
6
value 0.00293
scoring_system epss
scoring_elements 0.52659
published_at 2026-04-16T12:55:00Z
7
value 0.00293
scoring_system epss
scoring_elements 0.52621
published_at 2026-04-13T12:55:00Z
8
value 0.00293
scoring_system epss
scoring_elements 0.52635
published_at 2026-04-12T12:55:00Z
9
value 0.00293
scoring_system epss
scoring_elements 0.52556
published_at 2026-04-07T12:55:00Z
10
value 0.00293
scoring_system epss
scoring_elements 0.52563
published_at 2026-04-02T12:55:00Z
11
value 0.00293
scoring_system epss
scoring_elements 0.52589
published_at 2026-04-04T12:55:00Z
12
value 0.00293
scoring_system epss
scoring_elements 0.52652
published_at 2026-04-11T12:55:00Z
13
value 0.00293
scoring_system epss
scoring_elements 0.52602
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45868
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45868
2
reference_url https://github.com/advisories/GHSA-22wj-vf5f-wrvj
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-19T20:58:21Z/
url https://github.com/advisories/GHSA-22wj-vf5f-wrvj
3
reference_url https://github.com/h2database/h2database
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/h2database/h2database
4
reference_url https://github.com/h2database/h2database/blob/96832bf5a97cdc0adc1f2066ed61c54990d66ab5/h2/src/main/org/h2/server/web/WebServer.java#L346-L347
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-19T20:58:21Z/
url https://github.com/h2database/h2database/blob/96832bf5a97cdc0adc1f2066ed61c54990d66ab5/h2/src/main/org/h2/server/web/WebServer.java#L346-L347
5
reference_url https://github.com/h2database/h2database/commit/581ed18ff9d6b3761d851620ed88a3994a351a0d
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/h2database/h2database/commit/581ed18ff9d6b3761d851620ed88a3994a351a0d
6
reference_url https://github.com/h2database/h2database/issues/3686
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-19T20:58:21Z/
url https://github.com/h2database/h2database/issues/3686
7
reference_url https://github.com/h2database/h2database/pull/3833
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-19T20:58:21Z/
url https://github.com/h2database/h2database/pull/3833
8
reference_url https://github.com/h2database/h2database/releases/tag/version-2.2.220
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-19T20:58:21Z/
url https://github.com/h2database/h2database/releases/tag/version-2.2.220
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-45868
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-45868
10
reference_url https://sites.google.com/sonatype.com/vulnerabilities/sonatype-2022-6243
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-19T20:58:21Z/
url https://sites.google.com/sonatype.com/vulnerabilities/sonatype-2022-6243
fixed_packages
0
url pkg:maven/com.h2database/h2@2.2.220
purl pkg:maven/com.h2database/h2@2.2.220
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.h2database/h2@2.2.220
aliases CVE-2022-45868, GHSA-22wj-vf5f-wrvj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ahev-cr9q-g3d3
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/com.h2database/h2@2.1.214