BeerHolderBot (>=0.1.0 <=0.3.6), GetPDB (>=0.1.0 <=1.0.1) +4589 more potentially affected by unknown CVE via h2 (>=0.1.26 <=0.3.21)

h2 CARGO version =0.1.26, =0.1.0, =0.1.0, =0.0.2, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.2.0-alpha.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-Q6CP-QFWQ-4GCV...

areq (=0.1.0-alpha), bws-web-server (>=0.1.0 <=0.1.1) +26 more potentially affected by unknown CVE via h2 (=0.4.14)

h2 CARGO version =0.4.14 is affected by a known vulnerability. The following packages have a transitive dependency on h2 and may be impacted: - areq =0.1.0-alpha - bws-web-server =0.1.0, =0.5.2, =0.1.0, =1.0.0, =1.5.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.6.0 and more Source cves: unknown CVE Sourc...

BeerHolderBot (>=0.1.0 <=0.3.6), GetPDB (>=0.1.0 <=1.0.1) +4589 more potentially affected by unknown CVE via h2 (>=0.1.26 <=0.3.21)

h2 CARGO version =0.1.26, =0.1.0, =0.1.0, =0.0.2, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.2.0-alpha.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-8R5V-VM4M-4G25...

BeerHolderBot (>=0.1.0 <=0.3.6), GetPDB (>=0.1.0 <=1.0.1) +4589 more potentially affected by CVE-2019-9514 via h2 (>=0.1.26 <=0.3.21)

h2 CARGO version =0.1.26, =0.1.0, =0.1.0, =0.0.2, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.2.0-alpha.0 and more Source cves: CVE-2019-9514 Source advisory: OSV:RUSTSEC-2024-0003...

areq (=0.1.0-alpha), bws-web-server (>=0.1.0 <=0.1.1) +26 more potentially affected by CVE-2019-9514 via h2 (=0.4.14)

h2 CARGO version =0.4.14 is affected by a known vulnerability. The following packages have a transitive dependency on h2 and may be impacted: - areq =0.1.0-alpha - bws-web-server =0.1.0, =0.5.2, =0.1.0, =1.0.0, =1.5.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.6.0 and more Source cves: CVE-2019-9514...

RUSTSEC-2024-0003 Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS)

An attacker with an HTTP/2 connection to an affected endpoint can send a steady stream of invalid frames to force the generation of reset frames on the victim endpoint. By closing their recv window, the attacker could then force these resets to be queued in an unbounded fashion, resulting in Out ...

BeerHolderBot (>=0.1.0 <=0.3.6), GetPDB (>=0.1.0 <=1.0.1) +4564 more potentially affected by CVE-2023-26964 via h2 (>=0.1.26 <=0.3.12)

h2 CARGO version =0.1.26, =0.1.0, =0.1.0, =0.0.2, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.2.0-alpha.0 and more Source cves: CVE-2023-26964 Source advisory: OSV:RUSTSEC-2023-0034...

BeerHolderBot (>=0.1.0 <=0.3.6), GetPDB (>=0.1.0 <=1.0.1) +4564 more potentially affected by CVE-2023-26964 via h2 (>=0.1.26 <=0.3.12)

h2 CARGO version =0.1.26, =0.1.0, =0.1.0, =0.0.2, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.2.0-alpha.0 and more Source cves: CVE-2023-26964 Source advisory: OSV:GHSA-F8VR-R385-RH5R...

CVE-2022-39361 Metabase vulnerable to Remote Code Execution via H2

Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9, H2 Sample Database could allow Remote Code Execution RCE, which can be abused by users able to write SQL queries on H2 databases. This issue is patched in versions 0.44.5...

Remote Code Execution

h2 is vulnerable to remote code execution. The vulnerability exists due to a lack of secure input validation in DatabaseMetaLocal.java , allowing remote authenticated attackers to execute arbitrary code in the server...

SpringBootVulExploit

It is an offensive tool for Spring Boot exploitation. The repository contains a collection of exploits and techniques for exploiting Spring Boot applications, including: Spring Boot Vulnerability Exploit Check List: a checklist for identifying vulnerabilities in Spring Boot applications...