9 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-1385
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a...
CVE-2025-1385
When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...
CVE-2025-1385
creationtimestamp| type| source ---|---|--- 2025-03-20 09:03:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lksdomw3gq2j 2025-03-20 09:30:37+00:00| published-proof-of-concept| Telegram/NQlvjHhG2-VIGa7A-fQOLEf1RIrC3ATUo7ji5TmFiVmJeeU 2025-03-20 11:32:45+00:00| seen|...
CVE-2025-1385
When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...
CVE-2025-1385 Fail input validation in clickhouse-library-bridge API could lead to RCE under specific configuration
When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...
CVE-2025-1385
The CVE-2025-1385 vulnerability affects ClickHouse when the library_bridge feature is enabled and exposes an HTTP API on localhost (default port 9019). This configuration allows the ClickHouse server to dynamically load a library from a path and execute it in an isolated process, which, combined ...
CVE-2025-1385 Fail input validation in clickhouse-library-bridge API could lead to RCE under specific configuration
When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...
CVE-2025-1385
When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...
CVE-2025-1385
When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...