CVE-2019-18657

CVE-2019-18657

EPSS 1.5%

ClickHouse before 19.13.5.44 allows HTTP header injection via the url table function.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/ClickHouse/ClickHouse/blob/master/CHANGELOG.md https://github.com/ClickHouse/ClickHouse/pull/6466 https://github.com/ClickHouse/ClickHouse/pull/7526/files