Approved changes feed: RSS · Atom

cpe:2.3:a:clickhouse:ch:*:*:*:*:*:go:*:*

part: a version: * update: *

VendorClickhouse (2f5ae108-6c1d-50d0-80c6-0358d1cc5d51)
ProductCh (030d78c8-f86e-5a68-8729-06ca7490d6e8)
Edition*
Language*
Software edition*
Target softwarego
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:docker/clickhouse/clickhouse purl2cpe 2026-06-01 10:15:21.841560
pkg:github/clickhouse/clickhouse purl2cpe 2026-06-01 10:15:21.841562

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-1386 vulnerable 2026-06-08 07:08:36.699565 Query smuggling in ch-go library
When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream.
Published: 2025-04-11T04:27:35.846Z
Updated: 2025-04-11T16:01:28.660Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.