Improper Input Validation in Datomic

H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code...

Remote code execution

H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code. NOTE: the vendor's position is "h2 is not designed to be run outside of a secure environment."...

CVE-2018-10054

H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code. NOTE: the vendor's position is "h2 is not designed to be run outside of a secure environment."...

CVE-2018-10054

CVE-2018-10054 describes an RCE in H2 Database via the CREATE ALIAS mechanism. The issue affects H2 1.4.197 as used in Datomic before 0.9.5697 and other products, enabling remote code execution by an attacker with a crafted alias. Public references note exploit activity and Java code execution vi...

CVE-2018-10054

H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code. NOTE: the vendor's position is "h2 is not designed to be run outside of a secure environment."...

PT-2018-9645 · Atlassian +2 · Bamboo Server +4

Name of the Vulnerable Software and Affected Versions: H2 versions 1.4.197 Datomic versions prior to 0.9.5697 Bamboo Data Center and Server versions 9.1.0 through 9.4.0 Description: The issue allows remote code execution because the CREATE ALIAS command can execute arbitrary Java code. This can b...