The package com.h2database:h2 from 1.4.198 and before 2.0.202 are vulnerable to XML External Entity (XXE) Injection via the org.h2.jdbc.JdbcSQLXML class object, when it receives parsed string data from org.h2.jdbc.JdbcResultSet.getSQLXML() method. If it executes the getSource() method when the parameter is DOMSource.class it will trigger the vulnerability.
References
Link | Resource |
---|---|
https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3 | Broken Link |
https://github.com/h2database/h2database/issues/3195 | Exploit Issue Tracking Patch Third Party Advisory |
https://github.com/h2database/h2database/pull/3199 | Issue Tracking Patch Third Party Advisory |
https://security.netapp.com/advisory/ntap-20230818-0010/ | |
https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238 | Exploit Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpuapr2022.html | Not Applicable |
Configurations
History
18 Aug 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Apr 2022, 14:53
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Not Applicable |
20 Apr 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Jan 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
Summary | The package com.h2database:h2 from 1.4.198 and before 2.0.202 are vulnerable to XML External Entity (XXE) Injection via the org.h2.jdbc.JdbcSQLXML class object, when it receives parsed string data from org.h2.jdbc.JdbcResultSet.getSQLXML() method. If it executes the getSource() method when the parameter is DOMSource.class it will trigger the vulnerability. |
14 Dec 2021, 18:52
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-611 | |
References | (CONFIRM) https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3 - Broken Link | |
References | (CONFIRM) https://github.com/h2database/h2database/pull/3199 - Issue Tracking, Patch, Third Party Advisory | |
References | (CONFIRM) https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238 - Exploit, Patch, Third Party Advisory | |
References | (CONFIRM) https://github.com/h2database/h2database/issues/3195 - Exploit, Issue Tracking, Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.4
v3 : 9.1 |
CPE | cpe:2.3:a:h2database:h2:*:*:*:*:*:*:*:* |
10 Dec 2021, 21:32
Type | Values Removed | Values Added |
---|---|---|
Summary | The package com.h2database:h2 from 0 and before 2.0.202 are vulnerable to XML External Entity (XXE) Injection via the org.h2.jdbc.JdbcSQLXML class object, when it receives parsed string data from org.h2.jdbc.JdbcResultSet.getSQLXML() method. If it executes the getSource() method when the parameter is DOMSource.class it will trigger the vulnerability. |
10 Dec 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-10 20:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-23463
Mitre link : CVE-2021-23463
CVE.ORG link : CVE-2021-23463
JSON object : View
Products Affected
h2database
- h2
CWE
CWE-611
Improper Restriction of XML External Entity Reference