Security Vulnerability with H2

Question

muralits opened this issue 2 years ago · comments

CRITICAL Vulnerability found in non-os package type (java) - /app/app.jar:BOOT-INF/lib/h2-1.4.200.jar (CVE-2021-23463 - https://nvd.nist.gov/vuln/detail/CVE-2021-23463)

How to fix this?

Antoine Rey · Answer 1 · Tue Mar 15 2022 15:50:18 GMT+0800 (China Standard Time)

We have to upgrade the H2 database version. Do you want to work on this subject?

Antoine Rey · Answer 2 · Sat Sep 17 2022 20:10:29 GMT+0800 (China Standard Time)

Fix with #61