Are H2O.ai products affected by log4shell vulnerability?

Question

My question is if Open Source H2O-3, Open Source Sparkling Water and Driverless AI are affected by CVE-2021-44228 and CVE-2021-45046.

score 3 · Accepted Answer · answered Dec 23 '21 at 21:49

3

H2O.ai has releases/patches upgraded to the latest log4j version 2.17 to address the various vulnerabilities found. Updates are at:

answered Dec 23 '21 at 21:49

Satish Maruvada

score 1 · Answer 2 · answered Dec 19 '21 at 00:35

1

H2O.ai is closely tracking the vulnerabilities and publishing updates at https://www.h2o.ai/security/bulletins/h2o-2021-001/.

answered Dec 19 '21 at 00:35

Michal

2 Answers2