Lucene search

CVE-2024-5979

🗓️ 27 Jun 2024 19:18:15Reported by @huntr_aiType

In H2O-3 version 3.46.0, `run_tool` allows unauthorized invocation, leading to denial of servic

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
Vulnrichment	CVE-2024-5979 Denial of Service via Invalid Argument in h2oai/h2o-3	27 Jun 202418:40	–	vulnrichment
Github Security Blog	h2o vulnerable to unexpected POST request shutting down server	27 Jun 202421:32	–	github
NVD	CVE-2024-5979	27 Jun 202419:15	–	nvd
OSV	GHSA-58M3-RCVP-F9WW h2o vulnerable to unexpected POST request shutting down server	27 Jun 202421:32	–	osv
Cvelist	CVE-2024-5979 Denial of Service via Invalid Argument in h2oai/h2o-3	27 Jun 202418:40	–	cvelist

Vulnrichment

Node

h2oai h2oai/h2o-3Match3.46.0

[
  {
    "vendor": "h2oai",
    "product": "h2oai/h2o-3",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "versionType": "custom",
        "lessThanOrEqual": "latest"
      }
    ]
  }
]

Source	Link
huntr	www.huntr.com/bounties/d80a2139-fc03-44b7-b739-de41e323b458

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Jun 2024 19:15Current

7.5High risk

Vulners AI Score7.5

CVSS37.5

EPSS0.00157

SSVC

CWE-400