Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/ai.h2o/h2o-core@3.44.0.3

Type maven

Namespace ai.h2o

Name h2o-core

Version 3.44.0.3

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-1b6u-e72c-kbec

vulnerability_id VCID-1b6u-e72c-kbec

summary A vulnerability in the `/3/ParseSetup` endpoint of h2oai/h2o-3 version 3.46.0.1 allows for a denial of service (DoS) attack. The endpoint applies a user-specified regular expression to a user-controllable string. This can be exploited by an attacker to cause inefficient regular expression complexity, leading to the exhaustion of server resources and making the server unresponsive.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-10550

reference_id

reference_type

scores

value	0.00345
scoring_system	epss
scoring_elements	0.57591
published_at	2026-06-13T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.57582
published_at	2026-06-14T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.5746
published_at	2026-06-11T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.57576
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-10550

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://github.com/h2oai/h2o-3/blob/51c25940ded8b7d0acc8f3f72329fd9dedbb3a34/h2o-core/src/main/java/water/api/ParseSetupHandler.java#L121

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3/blob/51c25940ded8b7d0acc8f3f72329fd9dedbb3a34/h2o-core/src/main/java/water/api/ParseSetupHandler.java#L121

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-10550

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-10550

reference_url

https://huntr.com/bounties/ef3f4d89-3b8b-4618-b134-cb93c1664ec6

reference_id

ef3f4d89-3b8b-4618-b134-cb93c1664ec6

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:52:08Z/

url

https://huntr.com/bounties/ef3f4d89-3b8b-4618-b134-cb93c1664ec6

reference_url

https://github.com/advisories/GHSA-7qq7-pvm9-x8rf

reference_id

GHSA-7qq7-pvm9-x8rf

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-7qq7-pvm9-x8rf

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.2

purl pkg:maven/ai.h2o/h2o-core@3.46.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b1re-5nwx-wfb2

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-da4r-ymzc-f7gg

vulnerability	VCID-faw8-tfz2-eudq

vulnerability	VCID-nfcx-t5c9-5bbt

vulnerability	VCID-vme1-up9z-yqaw

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.2

aliases CVE-2024-10550, GHSA-7qq7-pvm9-x8rf

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1b6u-e72c-kbec

url VCID-b1re-5nwx-wfb2

vulnerability_id VCID-b1re-5nwx-wfb2

summary H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has access to post to the ImportSQLTable URI with a JSON document containing a connection_url property with any typical JDBC Connection URL attack payload such as one that uses queryInterceptors.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45758

reference_id

reference_type

scores

value	0.00106
scoring_system	epss
scoring_elements	0.28199
published_at	2026-06-11T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28409
published_at	2026-06-14T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28394
published_at	2026-06-12T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28419
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45758

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://github.com/h2oai/h2o-3/issues/16425

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3/issues/16425

reference_url

https://github.com/h2oai/h2o-3/issues/16622

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3/issues/16622

reference_url

https://github.com/h2oai/h2o-3/pull/16624

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3/pull/16624

reference_url

https://gist.github.com/AfterSnows/c24ca3c26dc89ab797e610e92a6a9acb

reference_id

c24ca3c26dc89ab797e610e92a6a9acb

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-09-06T17:51:47Z/

url

https://gist.github.com/AfterSnows/c24ca3c26dc89ab797e610e92a6a9acb

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-45758

reference_id

CVE-2024-45758

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-45758

reference_url

https://github.com/advisories/GHSA-hrmc-jmp7-mpm2

reference_id

GHSA-hrmc-jmp7-mpm2

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hrmc-jmp7-mpm2

reference_url

https://spear-shield.notion.site/Unauthenticated-Remote-Code-Execution-via-Unrestricted-JDBC-Connection-87a958a4874044199cbb86422d1f6068

reference_id

Unauthenticated-Remote-Code-Execution-via-Unrestricted-JDBC-Connection-87a958a4874044199cbb86422d1f6068

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-09-06T17:51:47Z/

url

https://spear-shield.notion.site/Unauthenticated-Remote-Code-Execution-via-Unrestricted-JDBC-Connection-87a958a4874044199cbb86422d1f6068

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.8

purl pkg:maven/ai.h2o/h2o-core@3.46.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.8

aliases CVE-2024-45758, GHSA-hrmc-jmp7-mpm2

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b1re-5nwx-wfb2

url VCID-bn79-rgcy-hybs

vulnerability_id VCID-bn79-rgcy-hybs

summary In h2oai/h2o-3 version 3.46.0, an endpoint exposing a custom EncryptionTool allows an attacker to encrypt any files on the target server with a key of their choosing. The chosen key can also be overwritten, resulting in ransomware-like behavior. This vulnerability makes it possible for an attacker to encrypt arbitrary files with keys of their choice, making it exceedingly difficult for the target to recover the keys needed for decryption.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-6863

reference_id

reference_type

scores

value	0.00092
scoring_system	epss
scoring_elements	0.26045
published_at	2026-06-14T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.25844
published_at	2026-06-11T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.26043
published_at	2026-06-12T12:55:00Z

value	0.00092
scoring_system	epss
scoring_elements	0.26059
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-6863

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://github.com/h2oai/h2o-3/blob/a20b5b19b769866ee24b217ee78b820e64c1cd6a/h2o-core/src/main/java/water/tools/EncryptionTool.java#L49

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3/blob/a20b5b19b769866ee24b217ee78b820e64c1cd6a/h2o-core/src/main/java/water/tools/EncryptionTool.java#L49

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-6863

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-6863

reference_url

https://huntr.com/bounties/10f55937-0cba-4530-897f-2abf30ed5270

reference_id

10f55937-0cba-4530-897f-2abf30ed5270

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:51:23Z/

url

https://huntr.com/bounties/10f55937-0cba-4530-897f-2abf30ed5270

reference_url

https://github.com/advisories/GHSA-m37h-8r48-2cxj

reference_id

GHSA-m37h-8r48-2cxj

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-m37h-8r48-2cxj

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.1

purl pkg:maven/ai.h2o/h2o-core@3.46.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1b6u-e72c-kbec

vulnerability	VCID-b1re-5nwx-wfb2

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-da4r-ymzc-f7gg

vulnerability	VCID-faw8-tfz2-eudq

vulnerability	VCID-ke25-9jrn-hugc

vulnerability	VCID-nfcx-t5c9-5bbt

vulnerability	VCID-rgnx-9tfe-6kh3

vulnerability	VCID-vme1-up9z-yqaw

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.1

aliases CVE-2024-6863, GHSA-m37h-8r48-2cxj

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bn79-rgcy-hybs

url VCID-c1z7-mtu6-77fs

vulnerability_id VCID-c1z7-mtu6-77fs

summary In h2oai/h2o-3 version 3.46.0, the endpoint for exporting models does not restrict the export location, allowing an attacker to export a model to any file in the server's file structure, thereby overwriting it. This vulnerability can be exploited to overwrite any file on the target server with a trained model file, although the content of the overwrite is not controllable by the attacker.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-6854

reference_id

reference_type

scores

value	0.00107
scoring_system	epss
scoring_elements	0.28674
published_at	2026-06-14T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28464
published_at	2026-06-11T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28659
published_at	2026-06-12T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28684
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-6854

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://github.com/h2oai/h2o-3/blob/a20b5b19b769866ee24b217ee78b820e64c1cd6a/h2o-core/src/main/java/hex/Model.java#L3366

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3/blob/a20b5b19b769866ee24b217ee78b820e64c1cd6a/h2o-core/src/main/java/hex/Model.java#L3366

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-6854

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-6854

reference_url

https://huntr.com/bounties/97d013f9-ac51-4c80-8dd7-8dfde11f33b2

reference_id

97d013f9-ac51-4c80-8dd7-8dfde11f33b2

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:49:46Z/

url

https://huntr.com/bounties/97d013f9-ac51-4c80-8dd7-8dfde11f33b2

reference_url

https://github.com/advisories/GHSA-47f6-5p7h-5f3h

reference_id

GHSA-47f6-5p7h-5f3h

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-47f6-5p7h-5f3h

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.1

purl pkg:maven/ai.h2o/h2o-core@3.46.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1b6u-e72c-kbec

vulnerability	VCID-b1re-5nwx-wfb2

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-da4r-ymzc-f7gg

vulnerability	VCID-faw8-tfz2-eudq

vulnerability	VCID-ke25-9jrn-hugc

vulnerability	VCID-nfcx-t5c9-5bbt

vulnerability	VCID-rgnx-9tfe-6kh3

vulnerability	VCID-vme1-up9z-yqaw

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.1

aliases CVE-2024-6854, GHSA-47f6-5p7h-5f3h

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c1z7-mtu6-77fs

url VCID-cu6c-k4e7-puf7

vulnerability_id VCID-cu6c-k4e7-puf7

summary A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises due to insufficient security controls in the parameter blacklist mechanism, which only targets MySQL JDBC driver-specific dangerous parameters. An attacker can bypass these controls by switching the JDBC URL protocol to jdbc:postgresql: and exploiting PostgreSQL JDBC driver-specific parameters such as socketFactory and socketFactoryArg. This allows unauthenticated attackers to execute arbitrary code on the H2O-3 server with the privileges of the H2O-3 process. The issue is resolved in version 3.46.0.10.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-3960

reference_id

reference_type

scores

value	0.00351
scoring_system	epss
scoring_elements	0.57928
published_at	2026-06-11T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.58046
published_at	2026-06-14T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.5804
published_at	2026-06-12T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.58057
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-3960

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-3960

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-3960

reference_url

https://huntr.com/bounties/6954fe04-b905-453f-8c53-205ac8377e0d

reference_id

6954fe04-b905-453f-8c53-205ac8377e0d

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T12:25:29Z/

url

https://huntr.com/bounties/6954fe04-b905-453f-8c53-205ac8377e0d

reference_url

https://github.com/h2oai/h2o-3/commit/b9ae2d3c5220db2dc53753357a783e590364d044

reference_id

b9ae2d3c5220db2dc53753357a783e590364d044

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-23T12:25:29Z/

url

https://github.com/h2oai/h2o-3/commit/b9ae2d3c5220db2dc53753357a783e590364d044

reference_url

https://github.com/advisories/GHSA-qmcv-hh7c-3m56

reference_id

GHSA-qmcv-hh7c-3m56

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qmcv-hh7c-3m56

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.10

purl pkg:maven/ai.h2o/h2o-core@3.46.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.10

aliases CVE-2026-3960, GHSA-qmcv-hh7c-3m56

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cu6c-k4e7-puf7

url VCID-da4r-ymzc-f7gg

vulnerability_id VCID-da4r-ymzc-f7gg

summary In h2oai/h2o-3 version 3.46.0.2, a vulnerability exists where uploading and repeatedly parsing a large GZIP file can cause a denial of service. The server becomes unresponsive due to memory exhaustion and a large number of concurrent slow-running jobs. This issue arises from the improper handling of highly compressed data, leading to significant data amplification.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-7765

reference_id

reference_type

scores

value	0.00408
scoring_system	epss
scoring_elements	0.61752
published_at	2026-06-13T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61747
published_at	2026-06-14T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61642
published_at	2026-06-11T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61744
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-7765

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://github.com/h2oai/h2o-3/blob/7d418fa19d3ab434f742818e37f891bef9102c97/h2o-core/src/main/java/water/parser/ParseDataset.java#L900

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3/blob/7d418fa19d3ab434f742818e37f891bef9102c97/h2o-core/src/main/java/water/parser/ParseDataset.java#L900

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-7765

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-7765

reference_url

https://huntr.com/bounties/0e58b1a5-bdca-4e60-af92-09de9c76a9ff

reference_id

0e58b1a5-bdca-4e60-af92-09de9c76a9ff

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T14:29:15Z/

url

https://huntr.com/bounties/0e58b1a5-bdca-4e60-af92-09de9c76a9ff

reference_url

https://github.com/advisories/GHSA-6w62-3jvj-mfj6

reference_id

GHSA-6w62-3jvj-mfj6

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-6w62-3jvj-mfj6

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.3

purl pkg:maven/ai.h2o/h2o-core@3.46.0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b1re-5nwx-wfb2

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-faw8-tfz2-eudq

vulnerability	VCID-nfcx-t5c9-5bbt

vulnerability	VCID-vme1-up9z-yqaw

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.3

aliases CVE-2024-7765, GHSA-6w62-3jvj-mfj6

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-da4r-ymzc-f7gg

url VCID-faw8-tfz2-eudq

vulnerability_id VCID-faw8-tfz2-eudq

summary A deserialization vulnerability exists in h2oai/h2o-3 versions <= 3.46.0.8, allowing attackers to read arbitrary system files and execute arbitrary code. The vulnerability arises from improper handling of JDBC connection parameters, which can be exploited by bypassing regular expression checks and using double URL encoding. This issue impacts all users of the affected versions.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-6544

reference_id

reference_type

scores

value	0.00796
scoring_system	epss
scoring_elements	0.74499
published_at	2026-06-12T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.74511
published_at	2026-06-14T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.74426
published_at	2026-06-11T12:55:00Z

value	0.00796
scoring_system	epss
scoring_elements	0.74512
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-6544

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-6544

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-6544

reference_url

https://github.com/h2oai/h2o-3/commit/0298ee348f5c73673b7b542158081e79605f5f25

reference_id

0298ee348f5c73673b7b542158081e79605f5f25

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T17:23:22Z/

url

https://github.com/h2oai/h2o-3/commit/0298ee348f5c73673b7b542158081e79605f5f25

reference_url

https://huntr.com/bounties/53f35a0f-d644-4f82-93aa-89fe7e0aed40

reference_id

53f35a0f-d644-4f82-93aa-89fe7e0aed40

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-09-22T17:23:22Z/

url

https://huntr.com/bounties/53f35a0f-d644-4f82-93aa-89fe7e0aed40

reference_url

https://github.com/advisories/GHSA-5w3j-gwgh-4rfv

reference_id

GHSA-5w3j-gwgh-4rfv

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5w3j-gwgh-4rfv

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.8

purl pkg:maven/ai.h2o/h2o-core@3.46.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.8

aliases CVE-2025-6544, GHSA-5w3j-gwgh-4rfv

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-faw8-tfz2-eudq

url VCID-fb24-2xvd-jbat

vulnerability_id VCID-fb24-2xvd-jbat

summary A vulnerability in the typeahead endpoint of h2oai/h2o-3 version 3.46.0 allows for a denial of service. The endpoint performs a `HEAD` request to verify the existence of a specified resource without setting a timeout. An attacker can exploit this by sending multiple requests to an attacker-controlled server that hangs, causing the application to block and become unresponsive to other requests.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-8062

reference_id

reference_type

scores

value	0.00247
scoring_system	epss
scoring_elements	0.48353
published_at	2026-06-13T12:55:00Z

value	0.00247
scoring_system	epss
scoring_elements	0.48338
published_at	2026-06-14T12:55:00Z

value	0.00247
scoring_system	epss
scoring_elements	0.48198
published_at	2026-06-11T12:55:00Z

value	0.00247
scoring_system	epss
scoring_elements	0.48336
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-8062

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://github.com/h2oai/h2o-3/blob/047a4d617240a56e74f834207c65973d133391cb/h2o-core/src/main/java/water/persist/PersistManager.java#L302

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3/blob/047a4d617240a56e74f834207c65973d133391cb/h2o-core/src/main/java/water/persist/PersistManager.java#L302

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-8062

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-8062

reference_url

https://huntr.com/bounties/a04190d9-4acb-449a-9a7f-f1bf6be1ed23

reference_id

a04190d9-4acb-449a-9a7f-f1bf6be1ed23

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T15:23:25Z/

url

https://huntr.com/bounties/a04190d9-4acb-449a-9a7f-f1bf6be1ed23

reference_url

https://github.com/advisories/GHSA-5c8j-g96x-cj78

reference_id

GHSA-5c8j-g96x-cj78

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5c8j-g96x-cj78

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.1

purl pkg:maven/ai.h2o/h2o-core@3.46.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1b6u-e72c-kbec

vulnerability	VCID-b1re-5nwx-wfb2

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-da4r-ymzc-f7gg

vulnerability	VCID-faw8-tfz2-eudq

vulnerability	VCID-ke25-9jrn-hugc

vulnerability	VCID-nfcx-t5c9-5bbt

vulnerability	VCID-rgnx-9tfe-6kh3

vulnerability	VCID-vme1-up9z-yqaw

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.1

aliases CVE-2024-8062, GHSA-5c8j-g96x-cj78

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fb24-2xvd-jbat

url VCID-ke25-9jrn-hugc

vulnerability_id VCID-ke25-9jrn-hugc

summary A vulnerability in the `/3/Parse` endpoint of h2oai/h2o-3 version 3.46.0.1 allows for a denial of service (DoS) attack. The endpoint uses a user-specified string to construct a regular expression, which is then applied to another user-specified string. By sending multiple simultaneous requests, an attacker can exhaust all available threads, leading to a complete denial of service.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-10549

reference_id

reference_type

scores

value	0.00345
scoring_system	epss
scoring_elements	0.57591
published_at	2026-06-13T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.57582
published_at	2026-06-14T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.5746
published_at	2026-06-11T12:55:00Z

value	0.00345
scoring_system	epss
scoring_elements	0.57576
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-10549

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://github.com/h2oai/h2o-3/blob/51c25940ded8b7d0acc8f3f72329fd9dedbb3a34/h2o-core/src/main/java/water/api/ParseHandler.java#L80

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3/blob/51c25940ded8b7d0acc8f3f72329fd9dedbb3a34/h2o-core/src/main/java/water/api/ParseHandler.java#L80

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-10549

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-10549

reference_url

https://huntr.com/bounties/ce7bd2d6-fd38-440d-a91a-dd8f3fc06bc2

reference_id

ce7bd2d6-fd38-440d-a91a-dd8f3fc06bc2

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T14:01:19Z/

url

https://huntr.com/bounties/ce7bd2d6-fd38-440d-a91a-dd8f3fc06bc2

reference_url

https://github.com/advisories/GHSA-wwr9-4gmr-xvq9

reference_id

GHSA-wwr9-4gmr-xvq9

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-wwr9-4gmr-xvq9

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.2

purl pkg:maven/ai.h2o/h2o-core@3.46.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b1re-5nwx-wfb2

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-da4r-ymzc-f7gg

vulnerability	VCID-faw8-tfz2-eudq

vulnerability	VCID-nfcx-t5c9-5bbt

vulnerability	VCID-vme1-up9z-yqaw

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.2

aliases CVE-2024-10549, GHSA-wwr9-4gmr-xvq9

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ke25-9jrn-hugc

url VCID-ksm5-4yxe-7bej

vulnerability_id VCID-ksm5-4yxe-7bej

summary In h2oai/h2o-3 version 3.46.0, the `/99/Models/{name}/json` endpoint allows for arbitrary file overwrite on the target server. The vulnerability arises from the `exportModelDetails` function in `ModelsHandler.java`, where the user-controllable `mexport.dir` parameter is used to specify the file path for writing model details. This can lead to overwriting files at arbitrary locations on the host system.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-8616

reference_id

reference_type

scores

value	0.00237
scoring_system	epss
scoring_elements	0.47214
published_at	2026-06-14T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.47078
published_at	2026-06-11T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.47218
published_at	2026-06-12T12:55:00Z

value	0.00237
scoring_system	epss
scoring_elements	0.47232
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-8616

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://github.com/h2oai/h2o-3/blob/088190f9d0370a02a483fca68d8dc89c996b4f83/h2o-core/src/main/java/water/api/ModelsHandler.java#L310

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3/blob/088190f9d0370a02a483fca68d8dc89c996b4f83/h2o-core/src/main/java/water/api/ModelsHandler.java#L310

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-8616

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-8616

reference_url

https://huntr.com/bounties/aebf69a5-b9b1-4d2f-a8ff-902c11a8c97a

reference_id

aebf69a5-b9b1-4d2f-a8ff-902c11a8c97a

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:51:48Z/

url

https://huntr.com/bounties/aebf69a5-b9b1-4d2f-a8ff-902c11a8c97a

reference_url

https://github.com/advisories/GHSA-g48v-3p35-88jr

reference_id

GHSA-g48v-3p35-88jr

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g48v-3p35-88jr

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.1

purl pkg:maven/ai.h2o/h2o-core@3.46.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1b6u-e72c-kbec

vulnerability	VCID-b1re-5nwx-wfb2

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-da4r-ymzc-f7gg

vulnerability	VCID-faw8-tfz2-eudq

vulnerability	VCID-ke25-9jrn-hugc

vulnerability	VCID-nfcx-t5c9-5bbt

vulnerability	VCID-rgnx-9tfe-6kh3

vulnerability	VCID-vme1-up9z-yqaw

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.1

aliases CVE-2024-8616, GHSA-g48v-3p35-88jr

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ksm5-4yxe-7bej

url VCID-nfcx-t5c9-5bbt

vulnerability_id VCID-nfcx-t5c9-5bbt

summary A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitrary code via deserialization of untrusted data. The vulnerability exists in the endpoints POST /99/ImportSQLTable and POST /3/SaveToHiveTable, where user-controlled JDBC URLs are passed to DriverManager.getConnection, leading to deserialization if a MySQL or PostgreSQL driver is available in the classpath. This issue is fixed in version 3.47.0.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-10553

reference_id

reference_type

scores

value	0.02857
scoring_system	epss
scoring_elements	0.86617
published_at	2026-06-14T12:55:00Z

value	0.02857
scoring_system	epss
scoring_elements	0.86619
published_at	2026-06-13T12:55:00Z

value	0.02857
scoring_system	epss
scoring_elements	0.8656
published_at	2026-06-11T12:55:00Z

value	0.02857
scoring_system	epss
scoring_elements	0.8661
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-10553

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-10553

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-10553

reference_url

https://github.com/h2oai/h2o-3/commit/ac1d642b4d86f10a02d75974055baf2a4b2025ac

reference_id

ac1d642b4d86f10a02d75974055baf2a4b2025ac

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-20T17:51:32Z/

url

https://github.com/h2oai/h2o-3/commit/ac1d642b4d86f10a02d75974055baf2a4b2025ac

reference_url

https://huntr.com/bounties/e6f550dd-eda2-428c-a740-ed8f893a084b

reference_id

e6f550dd-eda2-428c-a740-ed8f893a084b

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-20T17:51:32Z/

url

https://huntr.com/bounties/e6f550dd-eda2-428c-a740-ed8f893a084b

reference_url

https://github.com/advisories/GHSA-h7xg-cmpp-48hf

reference_id

GHSA-h7xg-cmpp-48hf

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h7xg-cmpp-48hf

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.6

purl pkg:maven/ai.h2o/h2o-core@3.46.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b1re-5nwx-wfb2

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-faw8-tfz2-eudq

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.6

aliases CVE-2024-10553, GHSA-h7xg-cmpp-48hf

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nfcx-t5c9-5bbt

url VCID-rgnx-9tfe-6kh3

vulnerability_id VCID-rgnx-9tfe-6kh3

summary A vulnerability in h2oai/h2o-3 version 3.46.0.1 allows remote attackers to write arbitrary data to any file on the server. This is achieved by exploiting the `/3/Parse` endpoint to inject attacker-controlled data as the header of an empty file, which is then exported using the `/3/Frames/framename/export` endpoint. The impact of this vulnerability includes the potential for remote code execution and complete access to the system running h2o-3, as attackers can overwrite critical files such as private SSH keys or script files.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-5986

reference_id

reference_type

scores

value	0.00165
scoring_system	epss
scoring_elements	0.37297
published_at	2026-06-11T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37484
published_at	2026-06-14T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37498
published_at	2026-06-13T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37474
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-5986

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://huntr.com/bounties/64ff5319-6ac3-4447-87f7-b53495d4d5a3

reference_id

64ff5319-6ac3-4447-87f7-b53495d4d5a3

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-02T12:52:10Z/

url

https://huntr.com/bounties/64ff5319-6ac3-4447-87f7-b53495d4d5a3

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-5986

reference_id

CVE-2024-5986

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-5986

reference_url

https://github.com/advisories/GHSA-wj3h-wx8g-x699

reference_id

GHSA-wj3h-wx8g-x699

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-wj3h-wx8g-x699

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.2

purl pkg:maven/ai.h2o/h2o-core@3.46.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b1re-5nwx-wfb2

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-da4r-ymzc-f7gg

vulnerability	VCID-faw8-tfz2-eudq

vulnerability	VCID-nfcx-t5c9-5bbt

vulnerability	VCID-vme1-up9z-yqaw

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.2

aliases CVE-2024-5986, GHSA-wj3h-wx8g-x699

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rgnx-9tfe-6kh3

url VCID-vme1-up9z-yqaw

vulnerability_id VCID-vme1-up9z-yqaw

summary The H2O machine learning platform uses "Iced" classes as the primary means of moving Java Objects around the cluster. The Iced format supports inclusion of serialized Java objects. When a model is deserialized, any class is allowed to be deserialized (no class whitelist). An attacker can construct a crafted Iced model that uses Java gadgets and leads to arbitrary code execution when imported to the H2O platform.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-6960

reference_id

reference_type

scores

value	0.00185
scoring_system	epss
scoring_elements	0.40035
published_at	2026-06-11T12:55:00Z

value	0.00185
scoring_system	epss
scoring_elements	0.40216
published_at	2026-06-14T12:55:00Z

value	0.00185
scoring_system	epss
scoring_elements	0.40227
published_at	2026-06-13T12:55:00Z

value	0.00185
scoring_system	epss
scoring_elements	0.40204
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-6960

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://mvnrepository.com/artifact/ai.h2o/h2o-core

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://mvnrepository.com/artifact/ai.h2o/h2o-core

reference_url

https://research.jfrog.com/vulnerabilities/h2o-model-deserialization-rce-jfsa-2024-001035518

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://research.jfrog.com/vulnerabilities/h2o-model-deserialization-rce-jfsa-2024-001035518

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-6960

reference_id

CVE-2024-6960

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-6960

reference_url

https://github.com/advisories/GHSA-w36w-948j-xhfw

reference_id

GHSA-w36w-948j-xhfw

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w36w-948j-xhfw

reference_url

https://research.jfrog.com/vulnerabilities/h2o-model-deserialization-rce-jfsa-2024-001035518/

reference_id

h2o-model-deserialization-rce-jfsa-2024-001035518

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-24T17:06:30Z/

url

https://research.jfrog.com/vulnerabilities/h2o-model-deserialization-rce-jfsa-2024-001035518/

fixed_packages

url pkg:maven/ai.h2o/h2o-core@3.46.0.5

purl pkg:maven/ai.h2o/h2o-core@3.46.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b1re-5nwx-wfb2

vulnerability	VCID-cu6c-k4e7-puf7

vulnerability	VCID-faw8-tfz2-eudq

vulnerability	VCID-nfcx-t5c9-5bbt

vulnerability	VCID-wg5g-p9nq-nbex

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.46.0.5

aliases CVE-2024-6960, GHSA-w36w-948j-xhfw

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vme1-up9z-yqaw

url

VCID-wg5g-p9nq-nbex

vulnerability_id

VCID-wg5g-p9nq-nbex

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-7768

reference_id

reference_type

scores

value	0.00509
scoring_system	epss
scoring_elements	0.66882
published_at	2026-06-12T12:55:00Z

value	0.00509
scoring_system	epss
scoring_elements	0.66789
published_at	2026-06-11T12:55:00Z

value	0.00509
scoring_system	epss
scoring_elements	0.66896
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-7768

reference_url

https://github.com/h2oai/h2o-3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3

reference_url

https://github.com/h2oai/h2o-3/blob/7d418fa19d3ab434f742818e37f891bef9102c97/h2o-core/src/main/java/water/api/ImportFilesHandler.java#L19

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/h2oai/h2o-3/blob/7d418fa19d3ab434f742818e37f891bef9102c97/h2o-core/src/main/java/water/api/ImportFilesHandler.java#L19

reference_url

https://huntr.com/bounties/3fe640df-bef4-4072-8890-0d12bc2818f6

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://huntr.com/bounties/3fe640df-bef4-4072-8890-0d12bc2818f6

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-7768

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-7768

reference_url

https://github.com/advisories/GHSA-p2vc-m5fv-9w9m

reference_id

GHSA-p2vc-m5fv-9w9m

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-p2vc-m5fv-9w9m

fixed_packages

aliases

CVE-2024-7768, GHSA-p2vc-m5fv-9w9m

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-wg5g-p9nq-nbex

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/ai.h2o/h2o-core@3.44.0.3

Package Instance