Vulnerabilities in ClickHouse
9 resultsCVE-2018-14671—In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vuEPSS 3.4%CVE-2018-14670—Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database.EPSS 1.8%CVE-2019-16536HIGHStack overflow leading to DoS can be triggered by a malicious authenticated client.EPSS 0.7%CVE-2024-6873HIGHSpecially crafted request could caused undefined behaviour which may lead to Remote Code Execution.EPSS 0.7%CVE-2023-48298MEDIUMInteger underflow leading to stack overflow in FPC codec decompressionEPSS 0.6%CVE-2024-22412LOWClickHouse's Role-based Access Control is bypassed when query caching is enabled.EPSS 0.6%CVE-2023-48704HIGHUnauthenticated heap buffer overflow in Gorrila codec decompressionEPSS 0.5%CVE-2023-47118HIGHHeap buffer overflow in T64 codec decompressionEPSS 0.5%CVE-2025-1385HIGHFail input validation in clickhouse-library-bridge API could lead to RCE under specific configurationEPSS 0.4%