ai.h2o:h2o-core
Maven15 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting ai.h2o:h2o-corepage 1 of 1
- CVE-2023-6038HIGHCVSS 7.5EG 9.32023-11-16
vulnerable: 0.1.10 ... 3.8.3.4 (239 versions)
A Local File Inclusion (LFI) vulnerability exists in the h2o-3 REST API, allowing unauthenticated remote attackers to read arbitrary files on the server with the permissions of the user running the h2o-3 instance. This issue affects the de…
- CVE-2024-10549HIGHCVSS 7.5EG 7.52025-03-20
vulnerable: 3.30.0.7 ... 3.46.0.1 (49 versions)
A vulnerability in the `/3/Parse` endpoint of h2oai/h2o-3 version 3.46.0.1 allows for a denial of service (DoS) attack. The endpoint uses a user-specified string to construct a regular expression, which is then applied to another user-spec…
- CVE-2024-10550HIGHCVSS 7.5EG 7.52025-03-20
vulnerable: 3.30.0.7 ... 3.46.0.1 (49 versions)
A vulnerability in the `/3/ParseSetup` endpoint of h2oai/h2o-3 version 3.46.0.1 allows for a denial of service (DoS) attack. The endpoint applies a user-specified regular expression to a user-controllable string. This can be exploited by a…
- CVE-2024-10553CRITICALCVSS 9.8EG 9.8✓ Fixed in 3.46.0.62025-03-20
vulnerable: 0.1.10 ... 3.8.3.4 (251 versions)
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitrary code via deserialization of untrusted data. The vulnerability exists in the endpoints POST /99/ImportSQLTable and PO…
- CVE-2024-45758CRITICALCVSS 9.1EG 9.12024-09-06
vulnerable: 0.1.10 ... 3.8.3.4 (253 versions)
H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has access to post to the ImportSQLTable URI with …
- CVE-2024-5986CRITICALCVSS 9.1EG 9.12026-02-02
vulnerable: 0.1.10 ... 3.8.3.4 (247 versions)
A vulnerability in h2oai/h2o-3 version 3.46.0.1 allows remote attackers to write arbitrary data to any file on the server. This is achieved by exploiting the `/3/Parse` endpoint to inject attacker-controlled data as the header of an empty …
- CVE-2024-6854HIGHCVSS 7.1EG 7.12025-03-20
vulnerable: 3.32.1.1 ... 3.44.0.3 (39 versions)
In h2oai/h2o-3 version 3.46.0, the endpoint for exporting models does not restrict the export location, allowing an attacker to export a model to any file in the server's file structure, thereby overwriting it. This vulnerability can be ex…
- CVE-2024-6863MEDIUMCVSS 6.5EG 6.52025-03-20
vulnerable: 3.32.1.2 ... 3.44.0.3 (38 versions)
In h2oai/h2o-3 version 3.46.0, an endpoint exposing a custom EncryptionTool allows an attacker to encrypt any files on the target server with a key of their choosing. The chosen key can also be overwritten, resulting in ransomware-like beh…
- CVE-2024-6960HIGHCVSS 7.5EG 7.52024-07-21
vulnerable: 0.1.10 ... 3.8.3.4 (250 versions)
The H2O machine learning platform uses "Iced" classes as the primary means of moving Java Objects around the cluster. The Iced format supports inclusion of serialized Java objects. When a model is deserialized, any class is allowed to be d…
- CVE-2024-7765HIGHCVSS 7.5EG 7.52025-03-20
vulnerable: 3.32.1.2 ... 3.46.0.2 (40 versions)
In h2oai/h2o-3 version 3.46.0.2, a vulnerability exists where uploading and repeatedly parsing a large GZIP file can cause a denial of service. The server becomes unresponsive due to memory exhaustion and a large number of concurrent slow-…
- CVE-2024-7768HIGHCVSS 7.5EG 7.52025-03-20
vulnerable: 0.1.10 ... 3.8.3.4 (254 versions)
A vulnerability in the `/3/ImportFiles` endpoint of h2oai/h2o-3 version 3.46.1 allows an attacker to cause a denial of service. The endpoint takes a single GET parameter, `path`, which can be recursively set to reference itself. This leads…
- CVE-2024-8062HIGHCVSS 7.5EG 7.52025-03-20
vulnerable: 3.10.0.1 ... 3.8.3.4 (207 versions)
A vulnerability in the typeahead endpoint of h2oai/h2o-3 version 3.46.0 allows for a denial of service. The endpoint performs a `HEAD` request to verify the existence of a specified resource without setting a timeout. An attacker can explo…
- CVE-2024-8616HIGHCVSS 8.2EG 8.22025-03-20
vulnerable: 3.10.4.1 ... 3.44.0.3 (143 versions)
In h2oai/h2o-3 version 3.46.0, the `/99/Models/{name}/json` endpoint allows for arbitrary file overwrite on the target server. The vulnerability arises from the `exportModelDetails` function in `ModelsHandler.java`, where the user-controll…
- CVE-2025-6544CRITICALCVSS 9.8EG 9.82025-09-21
vulnerable: 0.1.10 ... 3.8.3.4 (253 versions)
A deserialization vulnerability exists in h2oai/h2o-3 versions <= 3.46.0.8, allowing attackers to read arbitrary system files and execute arbitrary code. The vulnerability arises from improper handling of JDBC connection parameters, which …
- CVE-2026-3960CRITICALCVSS 9.8EG 9.8✓ Fixed in 3.46.0.102026-04-23
vulnerable: 0.1.10 ... 3.8.3.4 (255 versions)
A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises due to insufficient security controls in the parameter blacklis…
Check whether ai.h2o:h2o-core is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for ai.h2o:h2o-core CVEs against the assets you own.
Start Free Scan →