CVE-2019-16536Classic Buffer Overflow in Clickhouse

CWE-120Classic Buffer Overflow4 documents4 sources
Severity
8.2HIGHNVD
EPSS
0.3%
top 48.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
ClickhouseClickhouse DBDebian Clickhouse
Timeline
PublishedMay 21

Description

Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

Affected Packages3 packages

NVDclickhouse/clickhouse< 19.14.3.3
CVEListV5clickhouse/db19.14.3.3

🔴Vulnerability Details

2
OSV
CVE-2019-16536: Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 192025-05-21
GHSA
GHSA-5xwv-wjhm-pv8f: Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 192025-05-21

📋Vendor Advisories

1
Debian
CVE-2019-16536: clickhouse - Stack overflow leading to DoS can be triggered by a malicious authenticated clie...2019