525 matches found

ClickHouse
added 2021/10/18 12:0 a.m. · 22 views

Fixed in ClickHouse 21.10.2.15, 2021-10-18

Heap buffer overflow in ClickHouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, copy_end), don't exceed the destination buffer's limits...

7.8 AI score
Exploits 0 · Affected Software 1

Positive Technologies
added 2021/10/18 12:0 a.m. · 2 views

PT-2021-6324 · Unknown +4 · Clickhouse +3

Name of the Vulnerable Software and Affected Versions: ClickHouse (affected versions not specified)
Description: The issue is related to a heap buffer overflow in ClickHouse's LZ4 compression codec. This occurs when parsing a malicious query, as there is no verification that copy operations in the...

10 CVSS · 7.3 AI score · 0.01646 EPSS
Exploits 7 · References 37

Positive Technologies
added 2021/10/18 12:0 a.m. · 3 views

PT-2021-23611 · Unknown +2 · Clickhouse +1

Name of the Vulnerable Software and Affected Versions: Clickhouse (affected versions not specified)
Description: The issue is related to a divide-by-zero error in Clickhouse's Delta compression codec. This error occurs when parsing a malicious query, where the first byte of the compressed buffer is...

8.8 CVSS · 6.9 AI score · 0.01646 EPSS
Exploits 7 · References 21

Positive Technologies
added 2021/10/18 12:0 a.m. · 3 views

PT-2021-23610 · Unknown +4 · Clickhouse +3

Name of the Vulnerable Software and Affected Versions: ClickHouse (affected versions not specified)
Description: A heap out-of-bounds read issue exists in ClickHouse's LZ4 compression codec when parsing a malicious query. The LZ4::decompressImpl loop reads a 16-bit unsigned user-supplied value offs...

8.8 CVSS · 6.9 AI score · 0.01646 EPSS
Exploits 7 · References 37

Positive Technologies
added 2021/10/18 12:0 a.m. · 4 views

PT-2021-23612 · Unknown +2 · Clickhouse +1

Name of the Vulnerable Software and Affected Versions: Clickhouse (affected versions not specified)
Description: The issue is related to a divide-by-zero error in Clickhouse's DeltaDouble compression codec. This occurs when parsing a malicious query, where the first byte of the compressed buffer is...

8.8 CVSS · 6.9 AI score · 0.01646 EPSS
Exploits 7 · References 21

Positive Technologies
added 2021/10/18 12:0 a.m. · 2 views

PT-2021-23613 · Unknown +2 · Clickhouse +1

Name of the Vulnerable Software and Affected Versions: ClickHouse (affected versions not specified)
Description: The issue is related to a divide-by-zero error in ClickHouse's Gorilla compression codec. This occurs when parsing a malicious query, where the first byte of the compressed buffer is use...

8.8 CVSS · 6.9 AI score · 0.01646 EPSS
Exploits 7 · References 21

Positive Technologies
added 2021/10/18 12:0 a.m. · 3 views

PT-2021-6323 · Unknown +2 · Clickhouse +1

Name of the Vulnerable Software and Affected Versions: ClickHouse (affected versions not specified)
Description: The issue is related to a heap buffer overflow in ClickHouse's LZ4 compression codec. This occurs when parsing a malicious query, as there is no verification that copy operations do not...

10 CVSS · 7.5 AI score · 0.01646 EPSS
Exploits 7 · References 27

Positive Technologies
added 2021/10/18 12:0 a.m. · 4 views

PT-2021-23609 · Unknown +4 · Clickhouse +3

Name of the Vulnerable Software and Affected Versions: ClickHouse (affected versions not specified)
Description: A heap out-of-bounds read issue exists in ClickHouse's LZ4 compression codec when parsing a malicious query. The LZ4::decompressImpl loop reads a 16-bit unsigned user-supplied value offs...

8.8 CVSS · 6.9 AI score · 0.01646 EPSS
Exploits 7 · References 39

ClickHouse
added 2021/10/18 12:0 a.m. · 9 views

CVE-2021-43304

Heap buffer overflow in ClickHouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, copy_end), don't exceed the destination buffer's limits. JFrog...

8.8 CVSS · 5.8 AI score · 0.01646 EPSS
Exploits 1

ClickHouse
added 2021/10/18 12:0 a.m. · 8 views

CVE-2021-43305

Heap buffer overflow in ClickHouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, copy_end), don't exceed the destination buffer's limits. This iss...

8.8 CVSS · 5.9 AI score · 0.01646 EPSS
Exploits 1

ClickHouse
added 2021/10/18 12:0 a.m. · 21 views

CVE-2021-42387

Heap out-of-bounds read in ClickHouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

8.1 CVSS · 5.3 AI score · 0.01549 EPSS
Exploits 1

ClickHouse
added 2021/10/18 12:0 a.m. · 10 views

CVE-2021-42388

Heap out-of-bounds read in ClickHouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

8.1 CVSS · 5.3 AI score · 0.01549 EPSS
Exploits 1

ClickHouse
added 2021/10/18 12:0 a.m. · 12 views

CVE-2021-42389

Divide-by-zero in ClickHouse's Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0. JFrog Security Research Team...

6.5 CVSS · 5.5 AI score · 0.01239 EPSS
Exploits 1

ClickHouse
added 2021/10/18 12:0 a.m. · 10 views

CVE-2021-42391

Divide-by-zero in ClickHouse's Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0. JFrog Security Research Team...

6.5 CVSS · 5.5 AI score · 0.01352 EPSS
Exploits 1

ClickHouse
added 2021/10/18 12:0 a.m. · 10 views

CVE-2021-42390

Divide-by-zero in ClickHouse's DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0. JFrog Security Research Team...

6.5 CVSS · 5.5 AI score · 0.01239 EPSS
Exploits 1

Kitploit
added 2021/08/24 9:30 p.m. · 366 views

DNSMonster - Passive DNS Capture/Monitoring Framework

Passive DNS collection and monitoring built with Golang, Clickhouse and Grafana: dnsmonster implements a packet sniffer for DNS traffic. It can accept traffic from a pcap file, a live interface or a dnstap socket, and can be used to index and store thousands of DNS queries per second it has shown...

7.6 AI score
Exploits 0 · References 6

Debian CVE
added 2021/08/17 6:34 p.m. · 32 views

CVE-2021-25263

Removed by vendor...

7.8 CVSS · 6.9 AI score · 0.00305 EPSS
Exploits 0

CNNVD
added 2021/08/17 12:0 a.m. · 3 views

Yandex Browser security vulnerability

Yandex ClickHouse is a set of open source columnar databases for online analytical processing from the Russian company Yandex. A security vulnerability exists in previous versions of Yandex Clickhouse v20.8.18.32-lts, v21.1.9.41-stable, v21.2.9.41-stable, v21.3.6.55-lts, and v21.4.3.21-stable,...

7.8 CVSS · 6.9 AI score · 0.00305 EPSS
Exploits 0 · References 3

Tenable Nessus
added 2021/07/27 12:0 a.m. · 80 views

Adminer < 4.7.8 Server-Side Request Forgery

The version of Adminer installed on the remote host suffers from a Server-Side Request Forgery (SSRF) flaw via the error page of Elasticsearch and ClickHouse in versions bundling all drivers, this may permit clients to make onward connections to arbitrary systems/ports & can be used to potentially...

7.2 CVSS · 7.5 AI score · 0.90461 EPSS
Exploits 3 · References 2

Hacker One
added 2021/06/03 9:36 p.m. · 61 views

GitHub Security Lab: Python: Add support of clickhouse-driver package

This bug was reported directly to GitHub Security Lab...

1.1 AI score
Exploits 0