h2o
PyPI16 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting h2opage 1 of 1
- CVE-2023-6569HIGHCVSS 8.2EG 8.2✓ Fixed in 3.46.0.12023-12-14
vulnerable: 3.10.0.10 ... 3.44.0.3 (111 versions)
External Control of File Name or Path in h2oai/h2o-3
- CVE-2024-10549HIGHCVSS 7.5EG 7.52025-03-20
vulnerable: 3.30.0.7 ... 3.46.0.1 (42 versions)
A vulnerability in the `/3/Parse` endpoint of h2oai/h2o-3 version 3.46.0.1 allows for a denial of service (DoS) attack. The endpoint uses a user-specified string to construct a regular expression, which is then applied to another user-spec…
- CVE-2024-10550HIGHCVSS 7.5EG 7.52025-03-20
vulnerable: 3.30.0.7 ... 3.46.0.1 (42 versions)
A vulnerability in the `/3/ParseSetup` endpoint of h2oai/h2o-3 version 3.46.0.1 allows for a denial of service (DoS) attack. The endpoint applies a user-specified regular expression to a user-controllable string. This can be exploited by a…
- CVE-2024-10553CRITICALCVSS 9.8EG 9.8✓ Fixed in 3.46.0.62025-03-20
vulnerable: 3.10.0.10 ... 3.46.0.5 (116 versions)
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitrary code via deserialization of untrusted data. The vulnerability exists in the endpoints POST /99/ImportSQLTable and PO…
- CVE-2024-10572HIGHCVSS 7.5EG 7.52025-03-20
vulnerable: 3.34.0.3 ... 3.46.0.1 (27 versions)
In h2oai/h2o-3 version 3.46.0.1, the `run_tool` command exposes classes in the `water.tools` package through the `ast` parser. This includes the `XGBoostLibExtractTool` class, which can be exploited to shut down the server and write large …
- CVE-2024-45758CRITICALCVSS 9.1EG 9.12024-09-06
vulnerable: 3.10.0.10 ... 3.46.0.7 (118 versions)
H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has access to post to the ImportSQLTable URI with …
- CVE-2024-5550MEDIUMCVSS 5.3EG 5.32024-06-06
vulnerable: 3.10.0.10 ... 3.40.0.4 (104 versions)
In h2oai/h2o-3 version 3.40.0.4, an exposure of sensitive information vulnerability exists due to an arbitrary system path lookup feature. This vulnerability allows any remote user to view full paths in the entire file system where h2o-3 i…
- CVE-2024-5979HIGHCVSS 7.5EG 7.52024-06-27
vulnerable: 3.10.0.10 ... 3.44.0.3 (111 versions)
In h2oai/h2o-3 version 3.46.0, the `run_tool` command in the `rapids` component allows the `main` function of any class under the `water.tools` namespace to be called. One such class, `MojoConvertTool`, crashes the server when invoked with…
- CVE-2024-5986CRITICALCVSS 9.1EG 9.12026-02-02
vulnerable: 3.10.0.10 ... 3.46.0.1 (112 versions)
A vulnerability in h2oai/h2o-3 version 3.46.0.1 allows remote attackers to write arbitrary data to any file on the server. This is achieved by exploiting the `/3/Parse` endpoint to inject attacker-controlled data as the header of an empty …
- CVE-2024-6854HIGHCVSS 7.1EG 7.12025-03-20
vulnerable: 3.32.1.1 ... 3.44.0.3 (33 versions)
In h2oai/h2o-3 version 3.46.0, the endpoint for exporting models does not restrict the export location, allowing an attacker to export a model to any file in the server's file structure, thereby overwriting it. This vulnerability can be ex…
- CVE-2024-6863MEDIUMCVSS 6.5EG 6.52025-03-20
vulnerable: 3.32.1.2 ... 3.44.0.3 (32 versions)
In h2oai/h2o-3 version 3.46.0, an endpoint exposing a custom EncryptionTool allows an attacker to encrypt any files on the target server with a key of their choosing. The chosen key can also be overwritten, resulting in ransomware-like beh…
- CVE-2024-7765HIGHCVSS 7.5EG 7.52025-03-20
vulnerable: 3.32.1.2 ... 3.46.0.2 (34 versions)
In h2oai/h2o-3 version 3.46.0.2, a vulnerability exists where uploading and repeatedly parsing a large GZIP file can cause a denial of service. The server becomes unresponsive due to memory exhaustion and a large number of concurrent slow-…
- CVE-2024-7768HIGHCVSS 7.5EG 7.52025-03-20
vulnerable: 3.10.0.10 ... 3.46.0.8 (119 versions)
A vulnerability in the `/3/ImportFiles` endpoint of h2oai/h2o-3 version 3.46.1 allows an attacker to cause a denial of service. The endpoint takes a single GET parameter, `path`, which can be recursively set to reference itself. This leads…
- CVE-2024-8062HIGHCVSS 7.5EG 7.52025-03-20
vulnerable: 3.10.0.10 ... 3.44.0.3 (111 versions)
A vulnerability in the typeahead endpoint of h2oai/h2o-3 version 3.46.0 allows for a denial of service. The endpoint performs a `HEAD` request to verify the existence of a specified resource without setting a timeout. An attacker can explo…
- CVE-2024-8616HIGHCVSS 8.2EG 8.22025-03-20
vulnerable: 3.10.4.1 ... 3.44.0.3 (104 versions)
In h2oai/h2o-3 version 3.46.0, the `/99/Models/{name}/json` endpoint allows for arbitrary file overwrite on the target server. The vulnerability arises from the `exportModelDetails` function in `ModelsHandler.java`, where the user-controll…
- CVE-2025-6544CRITICALCVSS 9.8EG 9.82025-09-21
vulnerable: 3.10.0.10 ... 3.46.0.7 (118 versions)
A deserialization vulnerability exists in h2oai/h2o-3 versions <= 3.46.0.8, allowing attackers to read arbitrary system files and execute arbitrary code. The vulnerability arises from improper handling of JDBC connection parameters, which …
Check whether h2o is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for h2o CVEs against the assets you own.
Start Free Scan →