CVE-2022-45868
CVE-2022-45868
H2 Password Exposure False Positive
CVE-2022-45868 details a vulnerability within H2 when it is used as a stand alone server and started using their CLI. Rundeck and Runbook Automation use the H2 database to streamline setups and provide a quick way to get started with the product.
Rundeck/Runbook Automation Self-Hosted implementation uses an embeded db, not using the CLI. This implementation model is not vulnerable based on the details of the CVE provided in the notice and this discussion thread on the H2Database project.
If there are any additional questions please feel free to reach out using the support methods described here.