Vulnerability

CVE-2018-14335

 Report advisory or correction

CVSS Score 6.0 medium

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-59

References

https://github.com/h2database/h2database/issues/1294

[CVE-2018-14335] CWE-59: Improper Link Resolution Before File Access ('Link Following')

Description

h2database - Improper Link Resolution Before File Access The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

See com.h2database/h2 package information