{"id":"PYSEC-2026-351","summary":"H2O Deserialization of Untrusted Data Vulnerability","details":"A vulnerability in the h2oai/h2o-3 REST API version 3.46.0.4 allows unauthenticated remote attackers to execute arbitrary code via deserialization of untrusted data. The vulnerability exists in the endpoints POST /99/ImportSQLTable and POST /3/SaveToHiveTable, where user-controlled JDBC URLs are passed to DriverManager.getConnection, leading to deserialization if a MySQL or PostgreSQL driver is available on the classpath. This issue is fixed in version 3.46.0.6. Although the description names 3.46.0.4, the affected range in this record covers every release before 3.46.0.6.","aliases":["CVE-2024-10553","GHSA-h7xg-cmpp-48hf"],"modified":"2026-06-29T12:15:21.310256780Z","published":"2026-06-29T11:50:35.058540Z","references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-10553"},{"type":"WEB","url":"https://github.com/h2oai/h2o-3/commit/ac1d642b4d86f10a02d75974055baf2a4b2025ac"},{"type":"PACKAGE","url":"https://github.com/h2oai/h2o-3"},{"type":"WEB","url":"https://huntr.com/bounties/e6f550dd-eda2-428c-a740-ed8f893a084b"},{"type":"PACKAGE","url":"https://pypi.org/project/h2o"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-h7xg-cmpp-48hf"}],"affected":[{"package":{"name":"h2o","ecosystem":"PyPI","purl":"pkg:pypi/h2o"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.46.0.6"}]}],"versions":["3.10.0.10","3.10.0.3","3.10.0.6","3.10.0.7","3.10.0.8","3.10.3.3","3.10.3.4","3.10.4.1","3.10.4.2","3.10.4.3","3.10.4.4","3.10.4.6","3.10.4.8","3.16.0.1","3.16.0.2","3.16.0.3","3.16.0.4","3.18.0.1","3.18.0.10","3.18.0.11","3.18.0.2","3.18.0.3","3.18.0.4","3.18.0.5","3.18.0.6","3.18.0.7","3.18.0.8","3.18.0.9","3.20.0.4","3.20.0.5","3.20.0.6","3.20.0.7","3.20.0.8","3.22.0.1","3.22.0.2","3.22.0.3","3.22.0.4","3.22.0.5","3.22.1.1","3.22.1.2","3.22.1.3","3.22.1.4","3.22.1.5","3.22.1.6","3.24.0.1","3.24.0.2","3.24.0.3","3.24.0.4","3.24.0.5","3.26.0.1","3.26.0.10","3.26.0.11","3.26.0.2","3.26.0.3","3.26.0.4","3.26.0.5","3.26.0.6","3.26.0.8","3.26.0
.9","3.28.0.1","3.28.0.2","3.28.0.3","3.28.1.2","3.28.1.3","3.30.0.1","3.30.0.2","3.30.0.3","3.30.0.4","3.30.0.5","3.30.0.6","3.30.0.7","3.30.1.1","3.30.1.2","3.30.1.3","3.32.0.2","3.32.0.3","3.32.0.4","3.32.0.5","3.32.1.1","3.32.1.2","3.32.1.3","3.32.1.4","3.32.1.5","3.32.1.6","3.32.1.7","3.34.0.3","3.34.0.7","3.34.0.8","3.36.0.2","3.36.0.3","3.36.0.4","3.36.1.1","3.36.1.2","3.36.1.3","3.36.1.4","3.36.1.5","3.38.0.1","3.38.0.2","3.38.0.3","3.38.0.4","3.40.0.1","3.40.0.2","3.40.0.3","3.40.0.4","3.42.0.1","3.42.0.2","3.42.0.3","3.42.0.4","3.44.0.1","3.44.0.2","3.44.0.3","3.46.0.1","3.46.0.2","3.46.0.3","3.46.0.4","3.46.0.5"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/h2o/PYSEC-2026-351.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}