Skip to main content



H2 Password Exposure False Positive

CVE-2022-45868open in new window details a vulnerability within H2 when it is used as a stand alone server and started using their CLI. Rundeck and Process Automation use the H2 database to streamline setups and provide a quick way to get started with the product.

Rundeck/Process Automation's implementation uses an embeded db, not using the CLI. This implementation model is not vulnerable based on the details of the CVE provided in the notice and this discussionopen in new window thread on the H2Database project.

If there are any additional questions please feel free to reach out using the support methods described here.