Uploaded image for project: 'FOLIO'
  1. FOLIO
  2. FOLIO-3457

spring-module-core: h2database:h2 Remote Code Execution (CVE-2022-23221)

    XMLWordPrintable

Details

    • None
    • TBD

    Description

      https://github.com/folio-org/spring-module-core uses com.h2database:h2@1.4.200: [ https://github.com/folio-org/spring-module-core/blob/main/domain/pom.xml#L44-L47|https://github.com/folio-org/spring-module-core/blob/main/domain/pom.xml#L44-L47]

      H2 before 2.1.210 allows remote attackers to execute arbitrary code: https://nvd.nist.gov/vuln/detail/CVE-2022-23221

      TestRail: Results

        Attachments

          Issue Links

            Activity

              People

                wwelling William Welling
                julianladisch Julian Ladisch
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases