29 matches found
EUVD-2022-28551
Malicious code in bioql PyPI...
EUVD-2024-19964
Malicious code in bioql PyPI...
EUVD-2022-5337
Malicious code in bioql PyPI...
CVE-2024-22412
ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access controls and the policies being enforced on roles...
Linux Distros Unpatched Vulnerability : CVE-2024-22412
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in...
Pgpool-II 安全漏洞
Pgpool-II is an open source cluster management tool from PgPool Global Development Group. A security vulnerability exists in Pgpool-II that stems from an information disclosure vulnerability contained in the query caching feature...
CVE-2024-22412
ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access controls and the policies being enforced on roles...
DEBIAN-CVE-2024-22412
ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access controls and the policies being enforced on roles...
UBUNTU-CVE-2024-22412
ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access controls and the policies being enforced on roles...
CVE-2024-22412 ClickHouse's Role-based Access Control is bypassed when query caching is enabled.
ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access controls and the policies being enforced on roles...
CVE-2024-22412
ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access controls and the policies being enforced on roles...
CVE-2024-22412
The CVE-2024-22412 issue affects ClickHouse: in cloud ClickHouse prior to 24.0.2.54535 and in ClickHouse 23.1, query caching can bypass role-based access controls, exposing data to users with a role who should be restricted. Affected versions' query cache behavior is described as not documented a...
CVE-2024-22412 ClickHouse's Role-based Access Control is bypassed when query caching is enabled.
ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access controls and the policies being enforced on roles...
CVE-2024-22412 ClickHouse's Role-based Access Control is bypassed when query caching is enabled.
ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access controls and the policies being enforced on roles...
ClickHouse Security Breach
ClickHouse is ClickHouse's fastest and most resource-efficient open source database for real-time applications and analytics. A security vulnerability exists in ClickHouse prior to 24.1, ClickHouse Cloud prior to 24.0.2.54535, which stems from an access control bypass when query caching is enable...
BIT-GRAFANA-2022-23498 When query caching is enabled in Grafana users can query another users session
Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafanasession. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...
PT-2024-19403
Name of the Vulnerable Software and Affected Versions ClickHouse versions prior to 24.0.2.54535 ClickHouse version 23.1 Description A bug exists in ClickHouse that allows query caching to bypass role-based access controls and policies. This means that attackers with control of a role could guess...
CVE-2022-23498
A flaw was found in the Grafana package. When data-source query caching is enabled, Grafana caches all headers, including grafanasession. As a result, any user that queries a data source where the caching is enabled can acquire another user’s session. Mitigation To mitigate the vulnerability,...
Session fixation
Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafanasession. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...
CVE-2022-23498 When query caching is enabled in Grafana users can query another users session
Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafanasession. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...