H2 Vulnerability - more amusing than dangerous

This is sort of a PSA, but more of an amusing response to a CVE from the folks at H2:

To save you a click:

NOTE: the vendor states "This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that."
1 Like

When I saw this I laughed.

This vulnerability is in every database CLI tool I’ve ever used: postgres and mysql both have this functionality.

1 Like