Researchers have disclosed seven new security vulnerabilities in an open-source database management system solution called ClickHouse that could be weaponized to crash the servers, leak memory contents, and even lead to the execution of arbitrary code.
« The vulnerabilities require authentication, but can be triggered by any user with read permissions, » Uriya Yavnieli and Or Peles, researchers

Researchers have disclosed seven new security vulnerabilities in an open-source database management system solution called ClickHouse that could be weaponized to crash the servers, leak memory contents, and even lead to the execution of arbitrary code.
« The vulnerabilities require authentication, but can be triggered by any user with read permissions, » Uriya Yavnieli and Or Peles, researchers