Astra Linux - уязвимость в h2database

The H2 Console before version 2.1.210 allowed remote attackers to execute arbitrary code through a jdbc:h2:mem JDBC URL that contained the IGNOREUNKNOWNSETTINGS=TRUE;FORBID CREATION=FALSE;INIT=RUNSCRIPT substring. This is a different vulnerability than CVE-2021-42392. source-iocs-preserved...

DataEase 安全漏洞

DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insight into business trends for business improvement and optimization. A security vulnerability exists in DataEase versions prior to 2.10.10 that stem...

The vulnerability of the H2 database management system, related to improper code generation, allows a hacker to execute arbitrary code.

The vulnerability of the H2 database management system is related to incorrect code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary code using the jdbc:h2:mem function. The settings contained in this function are as follows: IGNOREUNKNOWNSETTINGS=TRUE;...

DEBIAN-CVE-2022-23221

H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNOREUNKNOWNSETTINGS=TRUE;FORBIDCREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392...