Количество 6
Количество 6
CVE-2021-42392
The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution.
CVE-2021-42392
The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution.
CVE-2021-42392
The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution.
CVE-2021-42392
The org.h2.util.JdbcUtils.getConnection method of the H2 database take ...
GHSA-h376-j262-vhq6
RCE in H2 Console
BDU:2022-00195
Уязвимость метода org.h2.util.JdbcUtils.getConnection системы управления базами данных H2, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-42392 The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution. | CVSS3: 9.8 | 91% Критический | около 4 лет назад |
 | CVE-2021-42392 The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution. | CVSS3: 9.8 | 91% Критический | около 4 лет назад |
 | CVE-2021-42392 The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution. | CVSS3: 9.8 | 91% Критический | около 4 лет назад |
| CVE-2021-42392 The org.h2.util.JdbcUtils.getConnection method of the H2 database take ... | CVSS3: 9.8 | 91% Критический | около 4 лет назад |
| GHSA-h376-j262-vhq6 RCE in H2 Console | CVSS3: 9.8 | 91% Критический | около 4 лет назад |
 | BDU:2022-00195 Уязвимость метода org.h2.util.JdbcUtils.getConnection системы управления базами данных H2, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 91% Критический | около 4 лет назад |
Уязвимостей на страницу