Debian Bug report logs -
#1003894
h2database: CVE-2021-42392
Package:
src:h2database;
Maintainer for src:h2database is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 17 Jan 2022 19:42:03 UTC
Severity: grave
Tags: security, upstr ...
Several security issues were fixed in H2 ...
Security researchers of JFrog Security and Ismail Aydemir discovered two remote
code execution vulnerabilities in the H2 Java SQL database engine which can be
exploited through various attack vectors, most notably through the H2 Console
and by loading custom classes from remote servers through JNDI. The H2 console
is a developer tool and not requir ...
Synopsis
Moderate: Red Hat Single Sign-On 7.5.3 security update on RHEL 7
Type/Severity
Security Advisory: Moderate
Topic
New Red Hat Single Sign-On 7.5.3 packages are now available for Red Hat Enterprise Linux 7. Red Hat P ...
Synopsis
Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update
Type/Severity
Security Advisory: Moderate
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring S ...
Synopsis
Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 8
Type/Severity
Security Advisory: Moderate
Topic
A security update is now available for Red Hat JBoss Enterprise Application P ...
Synopsis
Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 7
Type/Severity
Security Advisory: Moderate
Topic
A security update is now available for Red Hat JBoss Enterprise Application P ...
Synopsis
Moderate: Red Hat Integration Camel Extensions for Quarkus 2.2.1 security update
Type/Severity
Security Advisory: Moderate
Topic
A security update to Red Hat Integration Camel Extensions for Quarkus 2.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has ...
Synopsis
Moderate: Red Hat Single Sign-On 7.6.1 security update
Type/Severity
Security Advisory: Moderate
Topic
A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base sco ...
Synopsis
Moderate: Red Hat Single Sign-On 7.5.3 security update
Type/Severity
Security Advisory: Moderate
Topic
A security update is now available for Red Hat Single Sign-On 7.5 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base sco ...
Synopsis
Moderate: Red Hat Single Sign-On 7.6.1 security update on RHEL 9
Type/Severity
Security Advisory: Moderate
Topic
New Red Hat Single Sign-On 7.6.1 packages are now available for Red Hat Enterprise Linux 9. Red Hat P ...
Synopsis
Moderate: Red Hat Single Sign-On 7.6.1 security update on RHEL 8
Type/Severity
Security Advisory: Moderate
Topic
New Red Hat Single Sign-On 7.6.1 packages are now available for Red Hat Enterprise Linux 8. Red Hat P ...
Synopsis
Moderate: Red Hat Single Sign-On 7.6.1 security update on RHEL 7
Type/Severity
Security Advisory: Moderate
Topic
New Red Hat Single Sign-On 7.6.1 packages are now available for Red Hat Enterprise Linux 7. Red Hat P ...
Synopsis
Moderate: Red Hat Single Sign-On 7.5.3 security update on RHEL 8
Type/Severity
Security Advisory: Moderate
Topic
New Red Hat Single Sign-On 7.5.3 packages are now available for Red Hat Enterprise Linux 8. Red Hat P ...
The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and the URL of the database. An attacker may pass a JNDI driver name and a URL leading to an LDAP or RMI server, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which ...