ai.h2o:h2o-core@3.46.0.5 vulnerabilities
-
latest version
3.46.0.6
-
first published
10 years ago
-
latest version published
a month ago
-
licenses detected
- [0.1.3,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the ai.h2o:h2o-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to improper input validation. An attacker can construct a crafted Iced model that uses Java gadgets and leads to arbitrary code execution when imported to the H2O platform. How to fix Deserialization of Untrusted Data? There is no fixed version for |
[0,)
|
Affected versions of this package are vulnerable to Denial Of Service through the How to fix Denial Of Service? There is no fixed version for |
[0,)
|