New Log4Shell-like vulnerability impacts H2 Java SQL database


a hooded figure targets a coding vulnerability

Researchers have warned of a new, critical Java flaw impacting the console of the popular H2 Java SQL database with the same root cause as the Log4Shell vulnerability in Apache Log4j. According to JFrog, the issue carries a critical risk of unauthenticated remote code execution (RCE) for certain organizations who should update their H2 databases immediately.

Read more…