Security Advisories · ClickHouse/ClickHouse · GitHub

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

Specially crafted request could caused undefined behavior which may lead to Remote Code Execution.
GHSA-432f-r822-j66f published Aug 1, 2024 by santrancisco

High
Role-based Access Control is bypassed when query caching is enabled.
GHSA-45h5-f7g3-gr8r published Mar 18, 2024 by santrancisco

Low
Unauthenticated heap buffer overflow in Gorrila codec decompression
GHSA-5rmf-5g48-xv63 published Dec 18, 2023 by santrancisco

High
Unauthenticated Integer underflow leading to stack overflow in FPC codec decompression
GHSA-qw9f-qv29-8938 published Dec 18, 2023 by santrancisco

Moderate
Heap buffer overflow in T64 codec decompression
GHSA-g22g-p6q2-x39v published Dec 18, 2023 by santrancisco

High