ai.h2o:h2o-core 3.28.1.2 vulnerabilities

Known vulnerabilities in the ai.h2o:h2o-core package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
C Deserialization of Untrusted Data Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the `DriverManager.getConnection` method. An attacker can execute arbitrary code by passing malicious JDBC URLs that lead to deserialization of untrusted data. How to fix Deserialization of Untrusted Data? Upgrade `ai.h2o:h2o-core` to version 3.46.0.6 or higher.	[,3.46.0.6)
H Regular Expression Denial of Service (ReDoS) Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) through the `/3/Parse` endpoint. An attacker can exhaust all available threads, leading to a complete denial of service by sending multiple simultaneous requests. How to fix Regular Expression Denial of Service (ReDoS)? There is no fixed version for `ai.h2o:h2o-core`.	[0,)
M Exposed Dangerous Method or Function Affected versions of this package are vulnerable to Exposed Dangerous Method or Function through the `EncryptionTool` endpoint. An attacker can encrypt arbitrary files on the target server with a key of their choosing, making it exceedingly difficult for the target to recover the keys needed for decryption. How to fix Exposed Dangerous Method or Function? There is no fixed version for `ai.h2o:h2o-core`.	[0,)
H Directory Traversal Affected versions of this package are vulnerable to Directory Traversal via the endpoint for exporting models. An attacker can overwrite any file on the target server by exporting a model to any file in the server's file structure. Note: This vulnerability requires there to be a model that is available for export. In usual instances of `h2o-3` there are probably some models in memory from regular use. How to fix Directory Traversal? There is no fixed version for `ai.h2o:h2o-core`.	[0,)
H Denial of Service (DoS) Affected versions of this package are vulnerable to Denial of Service (DoS) via the `/3/ImportFiles` endpoint. An attacker can cause the server to repeatedly call its own endpoint, eventually filling up the request queue and leaving the server unable to handle other requests by recursively setting the `path` parameter to reference itself. How to fix Denial of Service (DoS)? There is no fixed version for `ai.h2o:h2o-core`.	[0,)
H Synchronous Access of Remote Resource without Timeout Affected versions of this package are vulnerable to Synchronous Access of Remote Resource without Timeout via the typeahead endpoint due to lacking timeout when checking that a specified resource exists. An attacker can cause the application to block and become unresponsive to other requests by sending multiple requests to an attacker-controlled server that hangs. How to fix Synchronous Access of Remote Resource without Timeout? There is no fixed version for `ai.h2o:h2o-core`.	[0,)
H Deserialization of Untrusted Data Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to improper input validation. An attacker can construct a crafted Iced model that uses Java gadgets and leads to arbitrary code execution when imported to the H2O platform. How to fix Deserialization of Untrusted Data? There is no fixed version for `ai.h2o:h2o-core`.	[0,)
H Denial Of Service Affected versions of this package are vulnerable to Denial Of Service through the `run_tool` command in the `rapids` component, which allows the `main` function of any class under the `water.tools` namespace to be called. An attacker can crash the server by invoking the `MojoConvertTool` class with an invalid argument. How to fix Denial Of Service? Upgrade `ai.h2o:h2o-core` to version 3.46.0.6 or higher.	[,3.46.0.6)
C External Control of File Name or Path Affected versions of this package are vulnerable to External Control of File Name or Path via the `ImportFiles` function due to improper input validation. An attacker can manipulate file paths to access or modify files outside of the intended directories by supplying crafted input. How to fix External Control of File Name or Path? Upgrade `ai.h2o:h2o-core` to version 3.46.0.1 or higher.	[,3.46.0.1)
H Directory Traversal Affected versions of this package are vulnerable to Directory Traversal via a local file in the REST API. A remote attacker can access every file on the API server with the permissions of the user who ran the command. How to fix Directory Traversal? Upgrade `ai.h2o:h2o-core` to version 3.46.0.1 or higher.	[,3.46.0.1)
C Arbitrary Code Injection Affected versions of this package are vulnerable to Arbitrary Code Injection through the 'import' feature. An attacker can upload and run arbitrary code, fully compromising the system with access equal to the permissions of the running `h2oai` process. How to fix Arbitrary Code Injection? Upgrade `ai.h2o:h2o-core` to version 3.46.0.1 or higher.	[,3.46.0.1)

Vulnerability

Vulnerable Version

Deserialization of Untrusted Data

Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the DriverManager.getConnection method. An attacker can execute arbitrary code by passing malicious JDBC URLs that lead to deserialization of untrusted data.

How to fix Deserialization of Untrusted Data?

Upgrade ai.h2o:h2o-core to version 3.46.0.6 or higher.

[,3.46.0.6)

Regular Expression Denial of Service (ReDoS)

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) through the /3/Parse endpoint. An attacker can exhaust all available threads, leading to a complete denial of service by sending multiple simultaneous requests.

How to fix Regular Expression Denial of Service (ReDoS)?

There is no fixed version for ai.h2o:h2o-core.

[0,)

Exposed Dangerous Method or Function

Affected versions of this package are vulnerable to Exposed Dangerous Method or Function through the EncryptionTool endpoint. An attacker can encrypt arbitrary files on the target server with a key of their choosing, making it exceedingly difficult for the target to recover the keys needed for decryption.

How to fix Exposed Dangerous Method or Function?

There is no fixed version for ai.h2o:h2o-core.

[0,)

Directory Traversal

Affected versions of this package are vulnerable to Directory Traversal via the endpoint for exporting models. An attacker can overwrite any file on the target server by exporting a model to any file in the server's file structure.

Note:

This vulnerability requires there to be a model that is available for export. In usual instances of h2o-3 there are probably some models in memory from regular use.

How to fix Directory Traversal?

There is no fixed version for ai.h2o:h2o-core.

[0,)

Denial of Service (DoS)

Affected versions of this package are vulnerable to Denial of Service (DoS) via the /3/ImportFiles endpoint. An attacker can cause the server to repeatedly call its own endpoint, eventually filling up the request queue and leaving the server unable to handle other requests by recursively setting the path parameter to reference itself.

How to fix Denial of Service (DoS)?

There is no fixed version for ai.h2o:h2o-core.

[0,)

Synchronous Access of Remote Resource without Timeout

Affected versions of this package are vulnerable to Synchronous Access of Remote Resource without Timeout via the typeahead endpoint due to lacking timeout when checking that a specified resource exists. An attacker can cause the application to block and become unresponsive to other requests by sending multiple requests to an attacker-controlled server that hangs.

How to fix Synchronous Access of Remote Resource without Timeout?

There is no fixed version for ai.h2o:h2o-core.

[0,)

Deserialization of Untrusted Data

Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to improper input validation. An attacker can construct a crafted Iced model that uses Java gadgets and leads to arbitrary code execution when imported to the H2O platform.

How to fix Deserialization of Untrusted Data?

There is no fixed version for ai.h2o:h2o-core.

[0,)

Denial Of Service

Affected versions of this package are vulnerable to Denial Of Service through the run_tool command in the rapids component, which allows the main function of any class under the water.tools namespace to be called. An attacker can crash the server by invoking the MojoConvertTool class with an invalid argument.

How to fix Denial Of Service?

Upgrade ai.h2o:h2o-core to version 3.46.0.6 or higher.

[,3.46.0.6)

External Control of File Name or Path

Affected versions of this package are vulnerable to External Control of File Name or Path via the ImportFiles function due to improper input validation. An attacker can manipulate file paths to access or modify files outside of the intended directories by supplying crafted input.

How to fix External Control of File Name or Path?

Upgrade ai.h2o:h2o-core to version 3.46.0.1 or higher.

[,3.46.0.1)

Directory Traversal

Affected versions of this package are vulnerable to Directory Traversal via a local file in the REST API. A remote attacker can access every file on the API server with the permissions of the user who ran the command.

How to fix Directory Traversal?

Upgrade ai.h2o:h2o-core to version 3.46.0.1 or higher.

[,3.46.0.1)

Arbitrary Code Injection

Affected versions of this package are vulnerable to Arbitrary Code Injection through the 'import' feature. An attacker can upload and run arbitrary code, fully compromising the system with access equal to the permissions of the running h2oai process.

How to fix Arbitrary Code Injection?

Upgrade ai.h2o:h2o-core to version 3.46.0.1 or higher.

[,3.46.0.1)

ai.h2o:h2o-core@3.28.1.2 vulnerabilities

latest version

first published

latest version published

licenses detected

package registry

Direct Vulnerabilities

How to fix?