It was discovered that ClickHouse incorrectly handled memory, leading to a heap out-of-bounds data read. An attacker could possibly use this issue to cause a denial of service, or leak sensitive information. (CVE-2021-42387, CVE-2021-41388)
It was discovered that ClickHouse incorrectly handled memory, leading to a heap-based buffer overflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2021-43305)
{ "availability": "No subscription required", "binaries": [ { "binary_name": "clickhouse-client", "binary_version": "18.16.1+ds-7ubuntu0.1" }, { "binary_name": "clickhouse-client-dbgsym", "binary_version": "18.16.1+ds-7ubuntu0.1" }, { "binary_name": "clickhouse-common", "binary_version": "18.16.1+ds-7ubuntu0.1" }, { "binary_name": "clickhouse-common-dbgsym", "binary_version": "18.16.1+ds-7ubuntu0.1" }, { "binary_name": "clickhouse-server", "binary_version": "18.16.1+ds-7ubuntu0.1" }, { "binary_name": "clickhouse-server-dbgsym", "binary_version": "18.16.1+ds-7ubuntu0.1" }, { "binary_name": "clickhouse-tools", "binary_version": "18.16.1+ds-7ubuntu0.1" }, { "binary_name": "clickhouse-tools-dbgsym", "binary_version": "18.16.1+ds-7ubuntu0.1" } ] }