CVE-2023-6016

Summary

An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature.

Affected Software

VendorProductVersion RangeStatus
h2oaih2oai/h2o-3unspecified <= latestaffected

Weaknesses

  • CWE-94: CWE-94 Improper Control of Generation of Code

ADP Enrichment

CVE Program Container

Additional References

References