Critical flaw in the H2 open-source Java SQL database are similar to the Log4J vulnerability, but do not pose a widespread threat.

Researchers have warned of a new, critical Java flaw impacting the console of the popular H2 Java SQL database with the same root cause as the Log4Shell vulnerability in Apache Log4j.

H2 is an open-source relational database management system written in Java. It can be embedded in Java applications or run in client-server mode.

To keep things simple, we’re going to use the embedded H2 database for both development and runtime examples. You can change the JDBC URL in the EntityManager to point to any database you wish.