Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.23 views

CVE-2025-1386

When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream...

5.9CVSS6.8AI score0.00368EPSS
Exploits0References1
Wolfi
Wolfi
added 2025/04/14 7:44 p.m.28 views

CVE-2025-1386 vulnerabilities

Vulnerabilities for packages: telegraf...

5.9CVSS7.2AI score0.00368EPSS
Exploits0
Chainguard
Chainguard
added 2025/04/14 7:23 p.m.27 views

CVE-2025-1386 vulnerabilities

Vulnerabilities for packages: telegraf...

5.9CVSS7.2AI score0.00368EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2025/04/12 3:41 a.m.170 views

CVE-2025-1386- Query smuggling in ch-go library

Impact When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream. Patches If you are using ch-go library, we...

5.9CVSS6.9AI score0.00368EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/04/12 12:0 a.m.147 views

CVE-2025-1386- Query smuggling in ch-go library

When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream...

5.9CVSS6.8AI score0.00368EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2025/04/11 5:15 a.m.27 views

CVE-2025-1386

When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream...

5.9CVSS0.00368EPSS
Exploits0References1
Circl
Circl
added 2025/04/11 4:49 a.m.8 views

CVE-2025-1386

creationtimestamp| type| source ---|---|--- 2025-04-11 04:49:36+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11384 2025-04-11 05:43:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmjcrdawyz2i 2025-04-11 09:45:34+00:00| seen|...

5.9CVSS3.8AI score0.00368EPSS
Exploits0References3
CVE
CVE
added 2025/04/11 4:27 a.m.1896 views

CVE-2025-1386

CVE-2025-1386 concerns the ch-go library from github.com/ClickHouse/ch-go. The issue is a vulnerability in which, under a specific condition where a query includes large, uncompressed external data, an attacker who controls that data can smuggle another query packet into the same connection strea...

5.9CVSS6.6AI score0.00368EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/11 4:27 a.m.8 views

CVE-2025-1386 Query smuggling in ch-go library

When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream...

5.9CVSS6.5AI score0.00368EPSS
Exploits0References1
Rows per page
Query Builder