Vulnerability Details CVE-2019-18657
ClickHouse before 19.13.5.44 allows HTTP header injection via the url table function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.0%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- https://github.com/ClickHouse/ClickHouse/blob/master/CHANGELOG.md
- https://github.com/ClickHouse/ClickHouse/pull/6466
- https://github.com/ClickHouse/ClickHouse/pull/7526/files
- https://github.com/ClickHouse/ClickHouse/blob/master/CHANGELOG.md
- https://github.com/ClickHouse/ClickHouse/pull/6466
- https://github.com/ClickHouse/ClickHouse/pull/7526/files
Products affected by CVE-2019-18657
-
cpe:2.3:a:yandex:clickhouse:-
-
cpe:2.3:a:yandex:clickhouse:1.1.54011
-
cpe:2.3:a:yandex:clickhouse:1.1.54019
-
cpe:2.3:a:yandex:clickhouse:1.1.54020
-
cpe:2.3:a:yandex:clickhouse:1.1.54022
-
cpe:2.3:a:yandex:clickhouse:1.1.54023
-
cpe:2.3:a:yandex:clickhouse:1.1.54030
-
cpe:2.3:a:yandex:clickhouse:1.1.54046
-
cpe:2.3:a:yandex:clickhouse:1.1.54074
-
cpe:2.3:a:yandex:clickhouse:1.1.54080
-
cpe:2.3:a:yandex:clickhouse:1.1.54083
-
cpe:2.3:a:yandex:clickhouse:1.1.54112
-
cpe:2.3:a:yandex:clickhouse:1.1.54127
-
cpe:2.3:a:yandex:clickhouse:1.1.54131
-
cpe:2.3:a:yandex:clickhouse:1.1.54133
-
cpe:2.3:a:yandex:clickhouse:1.1.54134
-
cpe:2.3:a:yandex:clickhouse:1.1.54135
-
cpe:2.3:a:yandex:clickhouse:1.1.54144
-
cpe:2.3:a:yandex:clickhouse:1.1.54159
-
cpe:2.3:a:yandex:clickhouse:1.1.54165
-
cpe:2.3:a:yandex:clickhouse:1.1.54181
-
cpe:2.3:a:yandex:clickhouse:1.1.54188
-
cpe:2.3:a:yandex:clickhouse:1.1.54190
-
cpe:2.3:a:yandex:clickhouse:1.1.54198
-
cpe:2.3:a:yandex:clickhouse:1.1.54231
-
cpe:2.3:a:yandex:clickhouse:1.1.54236
-
cpe:2.3:a:yandex:clickhouse:1.1.54242
-
cpe:2.3:a:yandex:clickhouse:1.1.54245
-
cpe:2.3:a:yandex:clickhouse:1.1.54276
-
cpe:2.3:a:yandex:clickhouse:1.1.54282
-
cpe:2.3:a:yandex:clickhouse:1.1.54284
-
cpe:2.3:a:yandex:clickhouse:1.1.54289
-
cpe:2.3:a:yandex:clickhouse:1.1.54292
-
cpe:2.3:a:yandex:clickhouse:1.1.54304
-
cpe:2.3:a:yandex:clickhouse:1.1.54310
-
cpe:2.3:a:yandex:clickhouse:1.1.54318
-
cpe:2.3:a:yandex:clickhouse:1.1.54327
-
cpe:2.3:a:yandex:clickhouse:1.1.54335
-
cpe:2.3:a:yandex:clickhouse:1.1.54336
-
cpe:2.3:a:yandex:clickhouse:1.1.54337
-
cpe:2.3:a:yandex:clickhouse:1.1.54342
-
cpe:2.3:a:yandex:clickhouse:1.1.54343
-
cpe:2.3:a:yandex:clickhouse:1.1.54358
-
cpe:2.3:a:yandex:clickhouse:1.1.54362
-
cpe:2.3:a:yandex:clickhouse:1.1.54370
-
cpe:2.3:a:yandex:clickhouse:1.1.54378
-
cpe:2.3:a:yandex:clickhouse:1.1.54380
-
cpe:2.3:a:yandex:clickhouse:1.1.54381
-
cpe:2.3:a:yandex:clickhouse:1.1.54383
-
cpe:2.3:a:yandex:clickhouse:1.1.54385
-
cpe:2.3:a:yandex:clickhouse:1.1.54388
-
cpe:2.3:a:yandex:clickhouse:1.1.54390
-
cpe:2.3:a:yandex:clickhouse:1.1.54394
-
cpe:2.3:a:yandex:clickhouse:18.1.0
-
cpe:2.3:a:yandex:clickhouse:18.10.3
-
cpe:2.3:a:yandex:clickhouse:18.12.13
-
cpe:2.3:a:yandex:clickhouse:18.12.14
-
cpe:2.3:a:yandex:clickhouse:18.12.17
-
cpe:2.3:a:yandex:clickhouse:18.14.10
-
cpe:2.3:a:yandex:clickhouse:18.14.11
-
cpe:2.3:a:yandex:clickhouse:18.14.12
-
cpe:2.3:a:yandex:clickhouse:18.14.13
-
cpe:2.3:a:yandex:clickhouse:18.14.14
-
cpe:2.3:a:yandex:clickhouse:18.14.15
-
cpe:2.3:a:yandex:clickhouse:18.14.17
-
cpe:2.3:a:yandex:clickhouse:18.14.18
-
cpe:2.3:a:yandex:clickhouse:18.14.19
-
cpe:2.3:a:yandex:clickhouse:18.14.8
-
cpe:2.3:a:yandex:clickhouse:18.14.9
-
cpe:2.3:a:yandex:clickhouse:18.16.0
-
cpe:2.3:a:yandex:clickhouse:18.16.1
-
cpe:2.3:a:yandex:clickhouse:18.4.0
-
cpe:2.3:a:yandex:clickhouse:18.5.1
-
cpe:2.3:a:yandex:clickhouse:18.6.0
-
cpe:2.3:a:yandex:clickhouse:19.1.10
-
cpe:2.3:a:yandex:clickhouse:19.1.13
-
cpe:2.3:a:yandex:clickhouse:19.1.14
-
cpe:2.3:a:yandex:clickhouse:19.1.15.73
-
cpe:2.3:a:yandex:clickhouse:19.1.16.79
-
cpe:2.3:a:yandex:clickhouse:19.1.5
-
cpe:2.3:a:yandex:clickhouse:19.1.6
-
cpe:2.3:a:yandex:clickhouse:19.1.7
-
cpe:2.3:a:yandex:clickhouse:19.1.8
-
cpe:2.3:a:yandex:clickhouse:19.1.9
-
cpe:2.3:a:yandex:clickhouse:19.10.1.5
-
cpe:2.3:a:yandex:clickhouse:19.11.10.54
-
cpe:2.3:a:yandex:clickhouse:19.11.11.57
-
cpe:2.3:a:yandex:clickhouse:19.11.12.69
-
cpe:2.3:a:yandex:clickhouse:19.11.13.74
-
cpe:2.3:a:yandex:clickhouse:19.11.2.7
-
cpe:2.3:a:yandex:clickhouse:19.11.3.11
-
cpe:2.3:a:yandex:clickhouse:19.11.4.24
-
cpe:2.3:a:yandex:clickhouse:19.11.5.28
-
cpe:2.3:a:yandex:clickhouse:19.11.6.31
-
cpe:2.3:a:yandex:clickhouse:19.11.7.40
-
cpe:2.3:a:yandex:clickhouse:19.11.8.46
-
cpe:2.3:a:yandex:clickhouse:19.11.9.52
-
cpe:2.3:a:yandex:clickhouse:19.13.1.11
-
cpe:2.3:a:yandex:clickhouse:19.13.2.19
-
cpe:2.3:a:yandex:clickhouse:19.13.3.26
-
cpe:2.3:a:yandex:clickhouse:19.13.4.32
-
cpe:2.3:a:yandex:clickhouse:19.3.3
-
cpe:2.3:a:yandex:clickhouse:19.3.4
-
cpe:2.3:a:yandex:clickhouse:19.3.5
-
cpe:2.3:a:yandex:clickhouse:19.3.6
-
cpe:2.3:a:yandex:clickhouse:19.3.7
-
cpe:2.3:a:yandex:clickhouse:19.3.8.6
-
cpe:2.3:a:yandex:clickhouse:19.3.9.12
-
cpe:2.3:a:yandex:clickhouse:19.4.0.49
-
cpe:2.3:a:yandex:clickhouse:19.4.1.3
-
cpe:2.3:a:yandex:clickhouse:19.4.2.7
-
cpe:2.3:a:yandex:clickhouse:19.4.3.11
-
cpe:2.3:a:yandex:clickhouse:19.4.4.33
-
cpe:2.3:a:yandex:clickhouse:19.4.5.35
-
cpe:2.3:a:yandex:clickhouse:19.5.2.6
-
cpe:2.3:a:yandex:clickhouse:19.5.3.8
-
cpe:2.3:a:yandex:clickhouse:19.5.4.22
-
cpe:2.3:a:yandex:clickhouse:19.6.2.11
-
cpe:2.3:a:yandex:clickhouse:19.6.3.18
-
cpe:2.3:a:yandex:clickhouse:19.7.3.9
-
cpe:2.3:a:yandex:clickhouse:19.7.5.27
-
cpe:2.3:a:yandex:clickhouse:19.7.5.29
-
cpe:2.3:a:yandex:clickhouse:19.8.3.8
-
cpe:2.3:a:yandex:clickhouse:19.9.2.4
-
cpe:2.3:a:yandex:clickhouse:19.9.3.31
-
cpe:2.3:a:yandex:clickhouse:19.9.4.34
-
cpe:2.3:a:yandex:clickhouse:19.9.5.36