8 matches found
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +45 more potentially affected by CVE-2024-10553 +1 more via ai.h2o:h2o-core (>=0.1.10 <=3.46.0.7)
ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2024-10553, CVE-2025-6507 Source advisory:...
CVE-2024-10553
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitrary code via deserialization of untrusted data. The vulnerability exists in the endpoints POST /99/ImportSQLTable and POST /3/SaveToHiveTable, where user-controlled JDBC URLs are...
amlr (>=0.3.6 <=0.4.1), atlantic (>=0.0.92 <=2.0.30) +27 more potentially affected by CVE-2024-10553 via h2o (>=3.18.0.8 <=3.46.0.11)
h2o PYPI version =3.18.0.8, =0.3.6, =0.0.92, =1.0.81, =2019.9.10.14.39.5, =1.0.1, =0.1.20, =0.1.0, =0.1.2, =0.3.2, =0.3.0, =1.0.1.1.4, =0.4.0.dev3, =0.1.0, =0.1.7 - mgoaiwrkpi =0.0.4 - mi =2020.3.4.13.39.35 and more Source cves: CVE-2024-10553 Source advisory: OSV:GHSA-H7XG-CMPP-48HF...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +44 more potentially affected by CVE-2024-10553 via ai.h2o:h2o-core (>=0.1.9 <=3.46.0.5)
ai.h2o:h2o-core MAVEN version =0.1.9, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2024-10553 Source advisory: OSV:GHSA-H7XG-CMPP-48HF...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=3.0.0.5 <=3.46.0.11) +44 more potentially affected by CVE-2024-10553 via ai.h2o:h2o-core (>=3.0.0.12 <=3.46.0.5)
ai.h2o:h2o-core MAVEN version =3.0.0.12, =3.34.0.1, =3.0.0.5, =3.0.0.5, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2024-10553 Source advisory: SNYK:JAVA-AIH2O-9486787...
CVE-2024-10553
creationtimestamp| type| source ---|---|--- 2025-03-20 11:40:14+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmgyieme2u 2025-09-05 02:40:36+00:00| seen| https://bsky.app/profile/hacker.at.thenote.app/post/3ly2n3nag2s2b 2025-09-09 03:37:30+00:00| seen|...
CVE-2024-10553 Jdbc Deserialization in h2oai/h2o-3
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitrary code via deserialization of untrusted data. The vulnerability exists in the endpoints POST /99/ImportSQLTable and POST /3/SaveToHiveTable, where user-controlled JDBC URLs are...
CVE-2024-10553 Jdbc Deserialization in h2oai/h2o-3
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitrary code via deserialization of untrusted data. The vulnerability exists in the endpoints POST /99/ImportSQLTable and POST /3/SaveToHiveTable, where user-controlled JDBC URLs are...