Vulnerabilities > H2O > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-06 CVE-2024-5550 Unspecified vulnerability in H2O 3.40.0.4
In h2oai/h2o-3 version 3.40.0.4, an exposure of sensitive information vulnerability exists due to an arbitrary system path lookup feature.
network
low complexity
h2o
5.3
5.3
2023-11-16 CVE-2023-6013 Unspecified vulnerability in H2O
H2O is vulnerable to stored XSS vulnerability which can lead to a Local File Include attack.
network
low complexity
h2o
5.4
5.4