Critical H2 database vulnerability similar to Log4Shell disclosed

clock • 3 min read
Critical H2 database vulnerability similar to Log4Shell disclosed
Image:

Critical H2 database vulnerability similar to Log4Shell disclosed

All H2 users should upgrade to the newest version 2.0.206 which is patched for the flaw

Researchers at software company JFrog have uncovered a new vulnerability affecting H2 database consoles that could allow threat actors to achieve remote code execution (RCE) in applications and sof...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
Mistral unveils AI code-generation model Codestral

Artificial Intelligence

The model has already undergone testing by JetBrains, SourceGraph, LlamaIndex and others

clock 31 May 2024 • 2 min read
NCSC CTO: UK tech sector not incentivising companies to build secure software

Security Technology

Calls for market reform to usher in secure future tech

clock 17 May 2024 • 2 min read
Ivanti patches bugs in Connect Secure and Policy Secure gateways

Threats and Risks

Comes on the heels of federal-level security concerns

clock 05 April 2024 • 3 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Threats and Risks

CISA confirms Windows privilege escalation flaw has been exploited

CISA confirms Windows privilege escalation flaw has been exploited

US cybersecurity agency also added a recently disclosed Google Pixel flaw to its list of exploited vulnerabilities

Kyle Alspach
clock 17 June 2024 • 1 min read
Windows users warned of wireless takeover vulnerability

Windows users warned of wireless takeover vulnerability

Users are advised to update immediately

Penny Horwood
clock 17 June 2024 • 2 min read
Threat group 'systematically compromising Snowflake customer instances'

Threat group 'systematically compromising Snowflake customer instances'

165 organisations notified to date

Kyle Alspach
clock 11 June 2024 • 2 min read