Approved changes feed: RSS · Atom

cpe:2.3:a:clickhouse:java_libraries:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorClickhouse (2f5ae108-6c1d-50d0-80c6-0358d1cc5d51)
ProductJava Libraries (fa50b690-43f0-529a-aad5-55de0a904e37)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/clickhouse/clickhouse-java purl2cpe 2026-06-01 10:15:21.491663
pkg:maven/com.clickhouse/clickhouse-java purl2cpe 2026-06-01 10:15:21.491667

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-23689 vulnerable 2026-06-08 06:29:40.267779 ClickHouse Client Certificate Password Exposure
Exposure of sensitive information in exceptions in ClichHouse's clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, and com.clickhouse:clickhouse-client versions less than 0.4.6 allows unauthorized users to gain access to client certificate passwords via client exception logs. This occurs when 'sslkey' is specified and an exception, such as a ClickHouseException or SQLException, is thrown during database operations; the certificate password is then included in the logged exception message.
Published: 2024-01-19T21:02:29.558Z
Updated: 2026-06-23T16:13:19.593Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.