6 matches found
EUVD-2025-7098
Malicious code in bioql PyPI...
CVE-2024-10572
In h2oai/h2o-3 version 3.46.0.1, the runtool command exposes classes in the water.tools package through the ast parser. This includes the XGBoostLibExtractTool class, which can be exploited to shut down the server and write large files to arbitrary directories, leading to a denial of service...
GHSA-WJPV-64V2-2QPQ H2O Vulnerable to Denial of Service (DoS) and File Write
In h2oai/h2o-3 version 3.46.0.1, the runtool command exposes classes in the water.tools package through the ast parser. This includes the XGBoostLibExtractTool class, which can be exploited to shut down the server and write large files to arbitrary directories, leading to a denial of service...
H2O Vulnerable to Denial of Service (DoS) and File Write
In h2oai/h2o-3 version 3.46.0.1, the runtool command exposes classes in the water.tools package through the ast parser. This includes the XGBoostLibExtractTool class, which can be exploited to shut down the server and write large files to arbitrary directories, leading to a denial of service...
PT-2025-12048 · H2O.Ai · H2O-3
Name of the Vulnerable Software and Affected Versions: h2oai/h2o-3 version 3.46.0.1 Description: The run tool command exposes classes in the water.tools package through the ast parser. This includes the XGBoostLibExtractTool class, which can be exploited to shut down the server and write large...
H2O Vulnerable to Denial of Service (DoS) and File Write
In h2oai/h2o-3 version 3.46.0.1, the runtool command exposes classes in the water.tools package through the ast parser. This includes the XGBoostLibExtractTool class, which can be exploited to shut down the server and write large files to arbitrary directories, leading to a denial of service...