{"id":"CVE-2022-23221","details":"H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.","aliases":["GHSA-45hx-wfhj-473x"],"modified":"2026-04-11T22:13:35.871657Z","published":"2022-01-19T17:15:09Z","references":[{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00017.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20230818-0011/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5076"},{"type":"FIX","url":"https://github.com/h2database/h2database/releases/tag/version-2.1.210"},{"type":"FIX","url":"https://github.com/h2database/h2database/security/advisories"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/165676/H2-Database-Console-Remote-Code-Execution.html"},{"type":"EVIDENCE","url":"https://twitter.com/d0nkey_man/status/1483824727936450564"},{"type":"EVIDENCE","url":"http://seclists.org/fulldisclosure/2022/Jan/39"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/h2database/h2database","events":[{"introduced":"0"},{"fixed":"3d957a0aeb509c5976a3489e7867ecbb121280f4"},{"fixed":"ca926f8b646aa3dd3da5f7a81bbee055b19a8d6a"}],"database_specific":{"versions":[{"introduced":"1.1.100"},{"fixed":"2.0.206"}]}}],"versions":["version-1.4.188","version-1.4.190","version-1.4.192","version-1.4.193","version-1.4.194","version-1.4.195","version-1.4.197","version-1.4.198","version-1.4.199","version-1.4.200","version-2.0.202","version-2.0.204"],"database_specific":{"vanir_signatures_modified":"2026-04-11T22:13:35Z","vanir_signatures":[{"digest":{"line_hashes":["272810656635025776199681441561795810929","245591617129835704064380813555882338322","306412481140467524166442158358643941576","171885524935467376214112428467882639055","152693961729231181337235161892963699712","11128620713700209481157025108943595581","229492663452310778701433303382354959535","280099107836224806134227223277985234471"],"threshold":0.9},"id":"CVE-2022-23221-007ddf6d","signature_type":"Line","signature_version":"v1","source":"https://github.com/h2database/h2database/commit/3d957a0aeb509c5976a3489e7867ecbb121280f4","deprecated":false,"target":{"file":"h2/src/main/org/h2/engine/Constants.java"}},{"digest":{"function_hash":"315764262499076112425286640966310751787","length":3343},"id":"CVE-2022-23221-2e529f64","signature_type":"Function","signature_version":"v1","source":"https://github.com/h2database/h2database/commit/3d957a0aeb509c5976a3489e7867ecbb121280f4","deprecated":false,"target":{"function":"javadocImpl","file":"h2/src/tools/org/h2/build/Build.java"}},{"digest":{"line_hashes":["306343085252609351417168749835012023517","24484998409013538956641732370396970576","62200468007006360416996496122250431518","3323092461967229912768068215658008818"],"threshold":0.9},"id":"CVE-2022-23221-7128582e","signature_type":"Line","signature_version":"v1","source":"https://github.com/h2database/h2database/commit/3d957a0aeb509c5976a3489e7867ecbb121280f4","deprecated":false,"target":{"file":"h2/src/tools/org/h2/build/Build.java"}}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23221.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}