CVE-2025-1385HIGHCVSS 7.5≥ 24.3, < 24.3.18.6·≥ 24.8, < 24.8.14.27+3 more2025-03-20
CVE-2025-1385 [HIGH] CWE-20 CVE-2025-1385: When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on loc
When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits file uploads to specific directories, a misconfigured serv
nvd