Java Libraries
Approved changes feed: RSS · Atom
cpe:2.3:a:clickhouse:java_libraries:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Clickhouse (2f5ae108-6c1d-50d0-80c6-0358d1cc5d51) |
|---|---|
| Product | Java Libraries (fa50b690-43f0-529a-aad5-55de0a904e37) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/clickhouse/clickhouse-java |
purl2cpe | 2026-06-01 10:15:21.491663 |
pkg:maven/com.clickhouse/clickhouse-java |
purl2cpe | 2026-06-01 10:15:21.491667 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-23689 |
vulnerable | 2026-06-08 06:29:40.267779 |
ClickHouse Client Certificate Password Exposure
Exposure of sensitive information in exceptions in ClichHouse's clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, and com.clickhouse:clickhouse-client versions less than 0.4.6 allows unauthorized users to gain access to client certificate passwords via client exception logs. This occurs when 'sslkey' is specified and an exception, such as a ClickHouseException or SQLException, is thrown during database operations; the certificate password is then included in the logged exception message.
Published: 2024-01-19T21:02:29.558Z
Updated: 2026-06-23T16:13:19.593Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.