h2oai / h2o-3

H2O is an Open Source, Distributed, Fast & Scalable Machine Learning Platform: Deep Learning, Gradient Boosting (GBM) & XGBoost, Random Forest, Generalized Linear Modeling (GLM with Elastic Net), K-Means, PCA, Generalized Additive Models (GAM), RuleFit, Support Vector Machine (SVM), Stacked Ensembles, Automatic Machine Learning (AutoML), etc.
http://h2o.ai
Apache License 2.0

Resolve High Vulnerabilities #16150

Closed codyharris-h2o-ai closed 3 weeks ago

codyharris-h2o-ai commented 7 months ago

Hello! As part of our ongoing efforts to ensure the security of our products, one or more vulnerabilities requiring remediation have been identified. We understand some of these are third-party images, and fixes may be available in upgraded images, but it is difficult to do so without proper testing and dev acceptance.

| Vulnerability | Severity | Image | Package | Description |
| --- | --- | --- | --- | --- |
| CVE-2023-52425 | high | h2oai/h2o-open-source-k8s-minimal:3.46.0.1 | expat:2.2.5 | A flaw was found in Expat (libexpat). When parsing a large token that requires multiple buffer fills to complete, Expat has to r[...] |
| CVE-2024-21634 | high | h2oai/h2o-open-source-k8s-minimal:3.46.0.1 | software.amazon.ion:ion-java:1.0.2 | Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exist[...] |

Please reach out if you have any questions.

wendycwong commented 7 months ago

More info from cody: image