DSA-5076 h2database - security update - Cyber Security News

Read Time:26 Second

Security researchers of JFrog Security and Ismail Aydemir discovered two remote
code execution vulnerabilities in the H2 Java SQL database engine which can be
exploited through various attack vectors, most notably through the H2 Console
and by loading custom classes from remote servers through JNDI. The H2 console
is a developer tool and not required by any reverse-dependency in Debian. It
has been disabled in (old)stable releases. Database developers are advised to
use at least version 2.1.210-1, currently available in Debian unstable.

More Stories

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. iOS...

September 22, 2023

A Vulnerability in Drupal Could Allow for Privilege Escalation

A vulnerability has been discovered in Drupal that could allow for privilege escalation. Drupal is an open source content management...

September 22, 2023

UPDATED – MS-ISAC CYBERSECURITY ADVISORY – Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution PATCH: NOW – TLP: CLEAR

Additional systems were found to be affected by vulnerabilities, the most severe of which could allow for arbitrary code execution....

September 22, 2023

USN-6360-2: FLAC vulnerability

USN-6360-1 fixed a vulnerability in FLAC. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and...

September 22, 2023

seamonkey-2.53.17.1-1.el7

FEDORA-EPEL-2023-4211889c5a Packages in this update: seamonkey-2.53.17.1-1.el7 Update description: Update to 2.53.17.1 Fix CVE-2023-4863 in the bundled libwebp library. Note: EPEL...

September 21, 2023

USN-6395-1: GNOME Shell vulnerability

Mickael Karatekin discovered that GNOME Shell incorrectly allowed the screenshot tool to view open windows when a session was locked....

September 21, 2023

Generated by Feedzy