Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 18 results


CVE-2024-41436

Medium priority
Needs evaluation

ClickHouse v24.3.3.102 was discovered to contain a buffer overflow via the component DB::evaluateConstantExpressionImpl.

1 affected packages

clickhouse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clickhouse Needs evaluation Not in release Needs evaluation
Show less packages

CVE-2024-6873

Medium priority
Needs evaluation

It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited...

1 affected packages

clickhouse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clickhouse Needs evaluation Not in release Needs evaluation Not in release Not in release
Show less packages

CVE-2024-22412

Medium priority
Needs evaluation

ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the...

1 affected packages

clickhouse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clickhouse Needs evaluation Not in release Needs evaluation
Show less packages

CVE-2023-48704

Medium priority
Needs evaluation

ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a...

1 affected packages

clickhouse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clickhouse Needs evaluation Not in release Needs evaluation Ignored Ignored
Show less packages

CVE-2023-48298

Medium priority
Needs evaluation

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in...

1 affected packages

clickhouse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clickhouse Needs evaluation Not in release Needs evaluation Ignored Ignored
Show less packages

CVE-2023-47118

Medium priority
Needs evaluation

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a...

1 affected packages

clickhouse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clickhouse Needs evaluation Not in release Needs evaluation Ignored Ignored
Show less packages

CVE-2022-44011

Medium priority
Needs evaluation

An issue was discovered in ClickHouse before 22.9.1.2603. An authenticated user (with the ability to load data) could cause a heap buffer overflow and crash the server by inserting a malformed CapnProto object. The fixed versions...

1 affected packages

clickhouse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clickhouse Needs evaluation Not in release Needs evaluation Ignored Ignored
Show less packages

CVE-2022-44010

Medium priority
Needs evaluation

An issue was discovered in ClickHouse before 22.9.1.2603. An attacker could send a crafted HTTP request to the HTTP Endpoint (usually listening on port 8123 by default), causing a heap-based buffer overflow that crashes...

1 affected packages

clickhouse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clickhouse Needs evaluation Not in release Needs evaluation Ignored Ignored
Show less packages

CVE-2021-43305

Medium priority

Some fixes available 1 of 4

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy...

1 affected packages

clickhouse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clickhouse Not affected Fixed
Show less packages

CVE-2021-43304

Medium priority
Ignored

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy...

1 affected packages

clickhouse

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
clickhouse Not affected Ignored
Show less packages