5 matches found
CVE-2019-18657
ClickHouse before 19.13.5.44 allows HTTP header injection via the url table function...
ClickHouse < 19.13.5.44
The version of ClickHouse installed on the remote host is prior to 19.13.5.44. It is, therefore, affected by a HTTP header injection vulnerability via the url table function. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
CVE-2019-18657
ClickHouse before 19.13.5.44 allows HTTP header injection via the url table function...
CVE-2019-18657
Summary : CVE-2019-18657 affects ClickHouse prior to 19.13.5.44, where the HTTP header injection flaw can be triggered via the url table function. The vulnerability’s root cause is unsafe handling of HTTP headers in the url table function, enabling an attacker to inject arbitrary headers in reque...
CVE-2019-18657
Table function url had the vulnerability allowed the attacker to inject arbitrary HTTP headers in the request. Nikita Tikhomirov...