EPSS
Percentile
88.0%
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
bugzilla.redhat.com/show_bug.cgi?id=1610877
www.cve.org/CVERecord?id=CVE-2018-14335 https://nvd.nist.gov/vuln/detail/CVE-2018-14335