Security Advisory

CVE-2025-1386

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-11 04:27:35

Last updated 2025-04-11 16:01:28

Assigner ClickHouse

State PUBLISHED

Description

When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream.

← Browse all CVEs View on cve.org ↗