CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

CVE•added 2024/01/19 9:2 p.m.•70 views

CVE-2024-23689

Summary: CVE-2024-23689 affects ClickHouse Java libraries (clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, com.clickhouse:clickhouse-client) with versions

8.8CVSS7.3AI score0.0126EPSS

Exploits1References6Affected Software1

vulnersOsv•added 2023/05/12 8:18 p.m.•1 views

com.adform:stream-loader-clickhouse_2.13 (>=0.2.5 <=0.2.12), com.clickhouse:clickhouse-benchmark (>=0.3.2 <=0.3.2-test3) +30 more potentially affected by CVE-2024-23689 via com.clickhouse:clickhouse-jdbc (>=0.3.2-patch1 <=0.4.5)

com.clickhouse:clickhouse-jdbc MAVEN version =0.3.2-patch1, =0.2.5, =0.3.2, =0.0.1.2023070401.Alpha, =0.0.1.2023070401.Alpha, =0.0.1.2023061901.Alpha, =0.0.1.2023052301.Alpha, =4.0.0, =4.1.0, =4.1.1, =1.0-ds, =1.0.0.20221015, =1.6.0, =1.9.0 - io.github.artjourney:janusgraph-clickhouse =0.1.0 and...

8.8CVSS6.9AI score0.0126EPSS

Exploits1

OSV•added 2021/12/17 8:42 p.m.•52 views

GHSA-3W6P-8F82-GW8R Using JMSAppender in log4j configuration may lead to deserialization of untrusted data

Impact ClickHouse JDBC Bridge uses slf4j-log4j12 1.7.32, which depends on log4j 1.2.17. It allows a remote attacker to execute code on the server, if you changed default log4j configuration by adding JMSAppender and an insecure JMS broker. Patches The patch version 2.0.7 removed log4j dependency ...

8.1CVSS9.3AI score0.72202EPSS

Exploits9References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by