exploitDog

CVE-2022-44011

Опубликовано: 23 нояб. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An issue was discovered in ClickHouse before 22.9.1.2603. An authenticated user (with the ability to load data) could cause a heap buffer overflow and crash the server by inserting a malformed CapnProto object. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19.

Ссылки

https://clickhouse.com
Product
https://clickhouse.com
Product

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:clickhouse:clickhouse:*:*:*:*:*:*:*:*

Версия до 22.3.12.19 (исключая)

cpe:2.3:a:clickhouse:clickhouse:*:*:*:*:*:*:*:*

Версия от 22.6 (включая) до 22.6.6.16 (исключая)

cpe:2.3:a:clickhouse:clickhouse:*:*:*:*:*:*:*:*

Версия от 22.7 (включая) до 22.7.4.16 (исключая)

cpe:2.3:a:clickhouse:clickhouse:*:*:*:*:*:*:*:*

Версия от 22.8 (включая) до 22.8.2.11 (исключая)

cpe:2.3:a:clickhouse:clickhouse:*:*:*:*:*:*:*:*

Версия от 22.9 (включая) до 22.9.1.2603 (исключая)

EPSS

Процентиль: 30%

0.00113

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-787

Связанные уязвимости

CVE-2022-44011

CVSS3: 6.5

ubuntu

около 2 лет назад

An issue was discovered in ClickHouse before 22.9.1.2603. An authenticated user (with the ability to load data) could cause a heap buffer overflow and crash the server by inserting a malformed CapnProto object. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19.

CVE-2022-44011

CVSS3: 6.5

debian

около 2 лет назад

An issue was discovered in ClickHouse before 22.9.1.2603. An authentic ...

GHSA-4xq2-q58f-2q5m

CVSS3: 6.5

github

около 2 лет назад

An issue was discovered in ClickHouse before 22.9.1.2603. An authenticated user (with the ability to load data) could cause a heap buffer overflow and crash the server by inserting a malformed CapnProto object. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19.

EPSS

Процентиль: 30%

0.00113

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-787