H2 is a relational database; it has an embeddable mode and a client-server mode.

H2 Database

Class based , object oriented programming language. Designed to have less dependencies as possible. The syntex of Java is smilier to C and C++. Commonly used for client-server applications. Java files are compiled by JVM (Java Virtual Machine)

Java

NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

Homebrew is a free and open-source software package management system that simplifies the installation of software on Apple's macOS operating system and Linux. The name is intended to suggest the idea of building software on the Mac depending on the user's taste. Originally written by Max Howell, the package manager has gained popularity in the Ruby on Rails community and earned praise for its extensibility.

Homebrew

Ubuntu is a Linux distribution based on Debian, mostly composed of free and open-source software. Ubuntu is officially released in three editions: Desktop, Server, and Core for internet of things devices and robots. All the editions can run on the computer alone or in a virtual machine.

Linux Ubuntu

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2022-23221	CRITICAL	9.8	H2 Database	h2	No	Yes	Jan 19, 2022
CVE-2021-42392	CRITICAL	9.8	H2 Database	com.h2database:h2	No	Yes	Jan 10, 2022
CVE-2021-23463	CRITICAL	9.1	H2 Database	h2	No	Yes	Dec 10, 2021
CVE-2022-45868	HIGH	7.8	H2 Database	h2	No	Yes	Nov 23, 2022
CVE-2018-14335	MEDIUM	6.5	H2 Database	cpe:2.3:a:h2database:h2	No	Yes	Jul 24, 2018

CVE-2018-14335:
H2 Database vulnerability analysis and mitigation

6.5

Related H2 Database vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2018-14335: H2 Database vulnerability analysis and mitigation