CVE-2021-42392 – H2 Database Engine / H2 database – RCE

CVE-2021-42392 is a remote code execution (RCE) vulnerability impacting H2 database versions 1.1.100 through 2.0.204. A proof of concept (PoC) was not observed publicly or in the underground.

Summary:

CVE-2021-42392 is a remote code execution (RCE) vulnerability impacting H2 database versions 1.1.100 through 2.0.204. A proof of concept (PoC) was not observed publicly or in the underground.

PoC Links(if available):

Known Counter Measures:

H2 Database Engine addressed the vulnerability in H2 database version 2.0.206.

Links to patches(if available)

https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6