Search criteria
45 vulnerabilities by Yandex
CVE-2024-12168 (GCVE-0-2024-12168)
Vulnerability from cvelistv5 – Published: 2025-06-02 12:44 – Updated: 2025-06-02 13:04
VLAI?
Summary
Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used.
Severity ?
CWE
- CWE-426 - Untrusted Search Path
Assigner
References
Credits
PT SWARM experts, Positive Technologies
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12168",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T13:04:21.551084Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T13:04:26.267Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Telemost",
"vendor": "Yandex",
"versions": [
{
"lessThan": "2.7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "PT SWARM experts, Positive Technologies"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Yandex Telemost for Desktop before \u003cspan style=\"background-color: var(--wht);\"\u003e2.7.0\u0026nbsp;\u003c/span\u003ehas a DLL Hijacking Vulnerability because an untrusted search path is used.\u003cp\u003e\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "Yandex Telemost for Desktop before 2.7.0\u00a0has a DLL Hijacking Vulnerability because an untrusted search path is used."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T12:44:31.161Z",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"url": "https://yandex.com/bugbounty/i/hall-of-fame-products"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "DLL Hijacking in Yandex Telemost",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2024-12168",
"datePublished": "2025-06-02T12:44:31.161Z",
"dateReserved": "2024-12-04T14:59:57.771Z",
"dateUpdated": "2025-06-02T13:04:26.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26226 (GCVE-0-2023-26226)
Vulnerability from cvelistv5 – Published: 2025-05-30 17:23 – Updated: 2025-05-30 17:48
VLAI?
Summary
A use after free memory corruption issue exists in Yandex Browser for Desktop prior to version 24.4.0.682
Severity ?
CWE
- CWE-416 - Use After Free
Assigner
References
Credits
khangkito
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26226",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T17:48:08.779287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T17:48:16.518Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS"
],
"product": "Browser",
"vendor": "Yandex",
"versions": [
{
"lessThan": "24.4.0.682",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "khangkito"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A use after free memory corruption issue exists in Yandex Browser for Desktop prior to version 24.4.0.682"
}
],
"value": "A use after free memory corruption issue exists in Yandex Browser for Desktop prior to version 24.4.0.682"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T17:23:54.571Z",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A use after free memory corruption issue exists in Yandex Browser for Desktop prior to version 24.4.0.682",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2023-26226",
"datePublished": "2025-05-30T17:23:54.571Z",
"dateReserved": "2023-02-20T22:19:35.320Z",
"dateUpdated": "2025-05-30T17:48:16.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25262 (GCVE-0-2021-25262)
Vulnerability from cvelistv5 – Published: 2025-05-21 07:07 – Updated: 2025-05-21 13:51
VLAI?
Summary
Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack.
Severity ?
CWE
- CWE-116 - Improper Encoding or Escaping of Output
Assigner
References
Credits
Kirtikumar Anandrao Ramchandani
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-25262",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-21T13:51:35.327719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T13:51:43.378Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Browser",
"vendor": "Yandex",
"versions": [
{
"status": "affected",
"version": "21.3.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kirtikumar Anandrao Ramchandani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack."
}
],
"value": "Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack."
}
],
"impacts": [
{
"capecId": "CAPEC-113",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-113 Interface Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116 Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T07:07:29.310Z",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack.",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2021-25262",
"datePublished": "2025-05-21T07:07:29.310Z",
"dateReserved": "2021-01-15T16:29:27.870Z",
"dateUpdated": "2025-05-21T13:51:43.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25255 (GCVE-0-2021-25255)
Vulnerability from cvelistv5 – Published: 2025-05-21 07:04 – Updated: 2025-05-21 14:07
VLAI?
Summary
Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Yandex | Browser Lite |
Affected:
21.1.0
(custom)
|
Credits
Kirtikumar Anandrao Ramchandani
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-25255",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-21T14:07:35.324725Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T14:07:41.883Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Browser Lite",
"vendor": "Yandex",
"versions": [
{
"status": "affected",
"version": "21.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kirtikumar Anandrao Ramchandani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service."
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T07:04:02.436Z",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service.",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2021-25255",
"datePublished": "2025-05-21T07:04:02.436Z",
"dateReserved": "2021-01-15T16:29:27.867Z",
"dateUpdated": "2025-05-21T14:07:41.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25254 (GCVE-0-2021-25254)
Vulnerability from cvelistv5 – Published: 2025-05-21 06:58 – Updated: 2025-05-21 22:09
VLAI?
Summary
Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar.
Severity ?
CWE
- CWE-116 - Improper Encoding or Escaping of Output
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Yandex | Browser Lite |
Affected:
21.1.0
(custom)
|
Credits
Kirtikumar Anandrao Ramchandani
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-25254",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-21T22:09:21.003649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T22:09:29.774Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Browser Lite",
"vendor": "Yandex",
"versions": [
{
"status": "affected",
"version": "21.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kirtikumar Anandrao Ramchandani"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar."
}
],
"value": "Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar."
}
],
"impacts": [
{
"capecId": "CAPEC-113",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-113 Interface Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116 Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T06:58:00.753Z",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar.",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2021-25254",
"datePublished": "2025-05-21T06:58:00.753Z",
"dateReserved": "2021-01-15T16:29:27.867Z",
"dateUpdated": "2025-05-21T22:09:29.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6473 (GCVE-0-2024-6473)
Vulnerability from cvelistv5 – Published: 2024-09-03 10:35 – Updated: 2024-09-03 13:55
VLAI?
Summary
Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used.
Severity ?
CWE
- CWE-426 - Untrusted Search Path
Assigner
References
Credits
Doctor Web, Ltd.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:yandex:yandex_browser:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "yandex_browser",
"vendor": "yandex",
"versions": [
{
"lessThan": "24.7.1.380",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6473",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T13:50:44.729657Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T13:55:15.844Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Browser",
"vendor": "Yandex",
"versions": [
{
"lessThan": "24.7.1.380",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Doctor Web, Ltd."
}
],
"datePublic": "2024-09-03T09:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used.\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T10:35:59.145Z",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "DLL Hijacking in Yandex Browser",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2024-6473",
"datePublished": "2024-09-03T10:35:59.145Z",
"dateReserved": "2024-07-03T10:56:50.777Z",
"dateUpdated": "2024-09-03T13:55:15.844Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29751 (GCVE-0-2023-29751)
Vulnerability from cvelistv5 – Published: 2023-06-09 00:00 – Updated: 2025-01-06 19:23
VLAI?
Summary
An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files.
Severity ?
5.5 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:14:39.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29751/CVE%20detailed.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29751",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-06T19:22:36.893416Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-06T19:23:55.271Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-09T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29751/CVE%20detailed.md"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-29751",
"datePublished": "2023-06-09T00:00:00",
"dateReserved": "2023-04-07T00:00:00",
"dateUpdated": "2025-01-06T19:23:55.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29749 (GCVE-0-2023-29749)
Vulnerability from cvelistv5 – Published: 2023-06-09 00:00 – Updated: 2025-01-06 18:00
VLAI?
Summary
An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files.
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:14:39.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29749/CVE%20detailed.md"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29749",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-06T17:59:44.654188Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-06T18:00:09.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-09T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29749/CVE%20detailed.md"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-29749",
"datePublished": "2023-06-09T00:00:00",
"dateReserved": "2023-04-07T00:00:00",
"dateUpdated": "2025-01-06T18:00:09.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28225 (GCVE-0-2022-28225)
Vulnerability from cvelistv5 – Published: 2022-06-15 19:10 – Updated: 2024-08-03 05:48
VLAI?
Summary
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.
Severity ?
No CVSS data available.
CWE
- Privilege escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Yandex Browser (Desktop) |
Affected:
All versions prior to version 22.3.3.684
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Yandex Browser (Desktop)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 22.3.3.684"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T19:10:32",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2022-28225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Yandex Browser (Desktop)",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 22.3.3.684"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://yandex.com/bugbounty/i/hall-of-fame-browser/",
"refsource": "MISC",
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2022-28225",
"datePublished": "2022-06-15T19:10:32",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-08-03T05:48:37.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28226 (GCVE-0-2022-28226)
Vulnerability from cvelistv5 – Published: 2022-06-15 19:06 – Updated: 2024-08-03 05:48
VLAI?
Summary
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process.
Severity ?
No CVSS data available.
CWE
- Privilege escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Yandex Browser (Desktop) |
Affected:
All versions prior to version 22.3.3.801
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Yandex Browser (Desktop)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 22.3.3.801"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T19:06:17",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2022-28226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Yandex Browser (Desktop)",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 22.3.3.801"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://yandex.com/bugbounty/i/hall-of-fame-browser/",
"refsource": "MISC",
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2022-28226",
"datePublished": "2022-06-15T19:06:17",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-08-03T05:48:37.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25261 (GCVE-0-2021-25261)
Vulnerability from cvelistv5 – Published: 2022-06-15 19:05 – Updated: 2024-08-03 19:56
VLAI?
Summary
Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.
Severity ?
No CVSS data available.
CWE
- Privilege escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Yandex Browser (Desktop) |
Affected:
All versions prior to version 22.5.0.862
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:11.090Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Yandex Browser (Desktop)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 22.5.0.862"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T19:05:54",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2021-25261",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Yandex Browser (Desktop)",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 22.5.0.862"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://yandex.com/bugbounty/i/hall-of-fame-browser/",
"refsource": "MISC",
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2021-25261",
"datePublished": "2022-06-15T19:05:54",
"dateReserved": "2021-01-15T00:00:00",
"dateUpdated": "2024-08-03T19:56:11.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42391 (GCVE-0-2021-42391)
Vulnerability from cvelistv5 – Published: 2022-03-14 22:20 – Updated: 2024-08-04 03:30
VLAI?
Summary
Divide-by-zero in Clickhouse's Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| yandex | clickhouse |
Affected:
unspecified , < 21.10.2.15-stable
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:38.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "clickhouse",
"vendor": "yandex",
"versions": [
{
"lessThan": "21.10.2.15-stable",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Divide-by-zero in Clickhouse\u0027s Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-369",
"description": "CWE-369",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-14T22:20:33",
"orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"shortName": "JFROG"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@jfrog.com",
"ID": "CVE-2021-42391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "clickhouse",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "21.10.2.15-stable"
}
]
}
}
]
},
"vendor_name": "yandex"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Divide-by-zero in Clickhouse\u0027s Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-369"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms",
"refsource": "MISC",
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"assignerShortName": "JFROG",
"cveId": "CVE-2021-42391",
"datePublished": "2022-03-14T22:20:33",
"dateReserved": "2021-10-14T00:00:00",
"dateUpdated": "2024-08-04T03:30:38.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42390 (GCVE-0-2021-42390)
Vulnerability from cvelistv5 – Published: 2022-03-14 22:20 – Updated: 2024-08-04 03:30
VLAI?
Summary
Divide-by-zero in Clickhouse's DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| yandex | clickhouse |
Affected:
unspecified , < 21.10.2.15-stable
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:38.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "clickhouse",
"vendor": "yandex",
"versions": [
{
"lessThan": "21.10.2.15-stable",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Divide-by-zero in Clickhouse\u0027s DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-369",
"description": "CWE-369",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-14T22:20:31",
"orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"shortName": "JFROG"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@jfrog.com",
"ID": "CVE-2021-42390",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "clickhouse",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "21.10.2.15-stable"
}
]
}
}
]
},
"vendor_name": "yandex"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Divide-by-zero in Clickhouse\u0027s DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-369"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms",
"refsource": "MISC",
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"assignerShortName": "JFROG",
"cveId": "CVE-2021-42390",
"datePublished": "2022-03-14T22:20:31",
"dateReserved": "2021-10-14T00:00:00",
"dateUpdated": "2024-08-04T03:30:38.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42389 (GCVE-0-2021-42389)
Vulnerability from cvelistv5 – Published: 2022-03-14 22:20 – Updated: 2024-08-04 03:30
VLAI?
Summary
Divide-by-zero in Clickhouse's Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| yandex | clickhouse |
Affected:
unspecified , < 21.10.2.15-stable
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:38.260Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "clickhouse",
"vendor": "yandex",
"versions": [
{
"lessThan": "21.10.2.15-stable",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Divide-by-zero in Clickhouse\u0027s Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-369",
"description": "CWE-369",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-14T22:20:30",
"orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"shortName": "JFROG"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@jfrog.com",
"ID": "CVE-2021-42389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "clickhouse",
"version": {
"version_data": [
{
"platform": "",
"version_affected": "\u003c",
"version_name": "",
"version_value": "21.10.2.15-stable"
}
]
}
}
]
},
"vendor_name": "yandex"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Divide-by-zero in Clickhouse\u0027s Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-369"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms",
"refsource": "MISC",
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"assignerShortName": "JFROG",
"cveId": "CVE-2021-42389",
"datePublished": "2022-03-14T22:20:30",
"dateReserved": "2021-10-14T00:00:00",
"dateUpdated": "2024-08-04T03:30:38.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43305 (GCVE-0-2021-43305)
Vulnerability from cvelistv5 – Published: 2022-03-14 00:00 – Updated: 2024-08-04 03:55
VLAI?
Summary
Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, copy_end), don’t exceed the destination buffer’s limits. This issue is very similar to CVE-2021-43304, but the vulnerable copy operation is in a different wildCopy call.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| yandex | clickhouse |
Affected:
unspecified , < 21.10.2.15-stable
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:55:29.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
},
{
"name": "[debian-lts-announce] 20221104 [SECURITY] [DLA 3176-1] clickhouse security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "clickhouse",
"vendor": "yandex",
"versions": [
{
"lessThan": "21.10.2.15-stable",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in Clickhouse\u0027s LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy\u003ccopy_amount\u003e(op, ip, copy_end), don\u2019t exceed the destination buffer\u2019s limits. This issue is very similar to CVE-2021-43304, but the vulnerable copy operation is in a different wildCopy call."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-04T00:00:00",
"orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"shortName": "JFROG"
},
"references": [
{
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
},
{
"name": "[debian-lts-announce] 20221104 [SECURITY] [DLA 3176-1] clickhouse security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"assignerShortName": "JFROG",
"cveId": "CVE-2021-43305",
"datePublished": "2022-03-14T00:00:00",
"dateReserved": "2021-11-03T00:00:00",
"dateUpdated": "2024-08-04T03:55:29.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42388 (GCVE-0-2021-42388)
Vulnerability from cvelistv5 – Published: 2022-03-14 00:00 – Updated: 2024-08-04 03:30
VLAI?
Summary
Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value ('offset') is read from the compressed data. The offset is later used in the length of a copy operation, without checking the lower bounds of the source of the copy operation.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| yandex | clickhouse |
Affected:
unspecified , < 21.10.2.15-stable
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:38.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
},
{
"name": "[debian-lts-announce] 20221104 [SECURITY] [DLA 3176-1] clickhouse security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "clickhouse",
"vendor": "yandex",
"versions": [
{
"lessThan": "21.10.2.15-stable",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap out-of-bounds read in Clickhouse\u0027s LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value (\u0027offset\u0027) is read from the compressed data. The offset is later used in the length of a copy operation, without checking the lower bounds of the source of the copy operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-04T00:00:00",
"orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"shortName": "JFROG"
},
"references": [
{
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
},
{
"name": "[debian-lts-announce] 20221104 [SECURITY] [DLA 3176-1] clickhouse security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"assignerShortName": "JFROG",
"cveId": "CVE-2021-42388",
"datePublished": "2022-03-14T00:00:00",
"dateReserved": "2021-10-14T00:00:00",
"dateUpdated": "2024-08-04T03:30:38.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42387 (GCVE-0-2021-42387)
Vulnerability from cvelistv5 – Published: 2022-03-14 00:00 – Updated: 2024-08-04 03:30
VLAI?
Summary
Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value ('offset') is read from the compressed data. The offset is later used in the length of a copy operation, without checking the upper bounds of the source of the copy operation.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| yandex | clickhouse |
Affected:
unspecified , < 21.10.2.15-stable
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:38.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
},
{
"name": "[debian-lts-announce] 20221104 [SECURITY] [DLA 3176-1] clickhouse security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "clickhouse",
"vendor": "yandex",
"versions": [
{
"lessThan": "21.10.2.15-stable",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap out-of-bounds read in Clickhouse\u0027s LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value (\u0027offset\u0027) is read from the compressed data. The offset is later used in the length of a copy operation, without checking the upper bounds of the source of the copy operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-04T00:00:00",
"orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"shortName": "JFROG"
},
"references": [
{
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
},
{
"name": "[debian-lts-announce] 20221104 [SECURITY] [DLA 3176-1] clickhouse security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"assignerShortName": "JFROG",
"cveId": "CVE-2021-42387",
"datePublished": "2022-03-14T00:00:00",
"dateReserved": "2021-10-14T00:00:00",
"dateUpdated": "2024-08-04T03:30:38.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43304 (GCVE-0-2021-43304)
Vulnerability from cvelistv5 – Published: 2022-03-14 00:00 – Updated: 2024-08-04 03:55
VLAI?
Summary
Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, copy_end), don’t exceed the destination buffer’s limits.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| yandex | clickhouse |
Affected:
unspecified , < 21.10.2.15-stable
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:55:28.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
},
{
"name": "[debian-lts-announce] 20221104 [SECURITY] [DLA 3176-1] clickhouse security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "clickhouse",
"vendor": "yandex",
"versions": [
{
"lessThan": "21.10.2.15-stable",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in Clickhouse\u0027s LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy\u003ccopy_amount\u003e(op, ip, copy_end), don\u2019t exceed the destination buffer\u2019s limits."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-04T00:00:00",
"orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"shortName": "JFROG"
},
"references": [
{
"url": "https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms"
},
{
"name": "[debian-lts-announce] 20221104 [SECURITY] [DLA 3176-1] clickhouse security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
"assignerShortName": "JFROG",
"cveId": "CVE-2021-43304",
"datePublished": "2022-03-14T00:00:00",
"dateReserved": "2021-11-03T00:00:00",
"dateUpdated": "2024-08-04T03:55:28.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-27970 (GCVE-0-2020-27970)
Vulnerability from cvelistv5 – Published: 2021-09-13 11:46 – Updated: 2024-08-04 16:25
VLAI?
Summary
Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar
Severity ?
No CVSS data available.
CWE
- User Interface (UI) Misrepresentation of Critical Information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Yandex Browser Lite for Android |
Affected:
All versions prior to version 20.10.0.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:44.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Yandex Browser Lite for Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 20.10.0."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "User Interface (UI) Misrepresentation of Critical Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-13T11:46:00",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2020-27970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Yandex Browser Lite for Android",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 20.10.0."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "User Interface (UI) Misrepresentation of Critical Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://yandex.com/bugbounty/i/hall-of-fame-browser/",
"refsource": "MISC",
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2020-27970",
"datePublished": "2021-09-13T11:46:00",
"dateReserved": "2020-10-28T00:00:00",
"dateUpdated": "2024-08-04T16:25:44.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-27969 (GCVE-0-2020-27969)
Vulnerability from cvelistv5 – Published: 2021-09-13 11:44 – Updated: 2024-08-04 16:25
VLAI?
Summary
Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing
Severity ?
No CVSS data available.
CWE
- User Interface (UI) Misrepresentation of Critical Information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Yandex Browser for Android |
Affected:
All versions prior to version 20.8.4.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:44.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Yandex Browser for Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 20.8.4."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "User Interface (UI) Misrepresentation of Critical Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-13T11:44:01",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2020-27969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Yandex Browser for Android",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 20.8.4."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar spoofing"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "User Interface (UI) Misrepresentation of Critical Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://yandex.com/bugbounty/i/hall-of-fame-browser/",
"refsource": "MISC",
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2020-27969",
"datePublished": "2021-09-13T11:44:01",
"dateReserved": "2020-10-28T00:00:00",
"dateUpdated": "2024-08-04T16:25:44.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25263 (GCVE-0-2021-25263)
Vulnerability from cvelistv5 – Published: 2021-08-17 18:34 – Updated: 2024-08-03 19:56
VLAI?
Summary
Local privilege vulnerability in Yandex Browser for Windows prior to 21.9.0.390 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating files in directory with insecure permissions during Yandex Browser update process.
Severity ?
No CVSS data available.
CWE
- Privilege escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Yandex Browser (Desktop) |
Affected:
All versions prior to version 21.9.0.390
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:11.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Yandex Browser (Desktop)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 21.9.0.390"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Local privilege vulnerability in Yandex Browser for Windows prior to 21.9.0.390 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating files in directory with insecure permissions during Yandex Browser update process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T19:06:06",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2021-25263",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Yandex Browser (Desktop)",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 21.9.0.390"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Local privilege vulnerability in Yandex Browser for Windows prior to 21.9.0.390 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating files in directory with insecure permissions during Yandex Browser update process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://yandex.com/bugbounty/i/hall-of-fame-browser/",
"refsource": "MISC",
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2021-25263",
"datePublished": "2021-08-17T18:34:04",
"dateReserved": "2021-01-15T00:00:00",
"dateUpdated": "2024-08-03T19:56:11.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24428 (GCVE-0-2021-24428)
Vulnerability from cvelistv5 – Published: 2021-08-02 10:31 – Updated: 2024-08-03 19:28
VLAI?
Summary
The RSS for Yandex Turbo WordPress plugin through 1.30 does not sanitise or escape some of its settings before saving and outputing them in the admin dashboard, leading to an Authenticated Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | RSS for Yandex Turbo |
Affected:
1.30 , ≤ 1.30
(custom)
|
Credits
m0ze
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:28:23.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/9fcf6ebe-01d9-4730-a20e-58b192bb6d87"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://m0ze.ru/vulnerability/%5B2021-04-23%5D-%5BWordPress%5D-%5BCWE-79%5D-RSS-for-Yandex-Turbo-WordPress-Plugin-v1.30.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RSS for Yandex Turbo",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "1.30",
"status": "affected",
"version": "1.30",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "m0ze"
}
],
"descriptions": [
{
"lang": "en",
"value": "The RSS for Yandex Turbo WordPress plugin through 1.30 does not sanitise or escape some of its settings before saving and outputing them in the admin dashboard, leading to an Authenticated Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T10:31:55",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/9fcf6ebe-01d9-4730-a20e-58b192bb6d87"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://m0ze.ru/vulnerability/%5B2021-04-23%5D-%5BWordPress%5D-%5BCWE-79%5D-RSS-for-Yandex-Turbo-WordPress-Plugin-v1.30.txt"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "RSS for Yandex Turbo \u003c= 1.30 - Authenticated Stored XSS",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24428",
"STATE": "PUBLIC",
"TITLE": "RSS for Yandex Turbo \u003c= 1.30 - Authenticated Stored XSS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RSS for Yandex Turbo",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "1.30",
"version_value": "1.30"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "m0ze"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RSS for Yandex Turbo WordPress plugin through 1.30 does not sanitise or escape some of its settings before saving and outputing them in the admin dashboard, leading to an Authenticated Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/9fcf6ebe-01d9-4730-a20e-58b192bb6d87",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/9fcf6ebe-01d9-4730-a20e-58b192bb6d87"
},
{
"name": "https://m0ze.ru/vulnerability/[2021-04-23]-[WordPress]-[CWE-79]-RSS-for-Yandex-Turbo-WordPress-Plugin-v1.30.txt",
"refsource": "MISC",
"url": "https://m0ze.ru/vulnerability/[2021-04-23]-[WordPress]-[CWE-79]-RSS-for-Yandex-Turbo-WordPress-Plugin-v1.30.txt"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24428",
"datePublished": "2021-08-02T10:31:55",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:28:23.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7369 (GCVE-0-2020-7369)
Vulnerability from cvelistv5 – Published: 2020-10-20 16:40 – Updated: 2024-09-17 01:21
VLAI?
Summary
User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Yandex Browser version 20.8.3 and prior versions, and was fixed in version 20.8.4 released October 1, 2020.
Severity ?
4.3 (Medium)
CWE
- CWE-451 - User Interface (UI) Misrepresentation of Critical Information
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Yandex | Yandex Browser |
Affected:
20.8.3 , ≤ 20.8.3
(custom)
|
Credits
This issue was discovered by Rafay Baloch, and disclosed in accordance with Rapid7's coordinated vulnerability disclosure policy at https://www.rapid7.com/security/disclosure#zeroday
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:49.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.rapid7.com/2020/10/20/vulntober-multiple-mobile-browser-address-bar-spoofing-vulnerabilities/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Yandex Browser",
"vendor": "Yandex",
"versions": [
{
"lessThanOrEqual": "20.8.3",
"status": "affected",
"version": "20.8.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Rafay Baloch, and disclosed in accordance with Rapid7\u0027s coordinated vulnerability disclosure policy at https://www.rapid7.com/security/disclosure#zeroday"
}
],
"datePublic": "2020-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Yandex Browser version 20.8.3 and prior versions, and was fixed in version 20.8.4 released October 1, 2020."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-451",
"description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T16:40:24",
"orgId": "9974b330-7714-4307-a722-5648477acda7",
"shortName": "rapid7"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.rapid7.com/2020/10/20/vulntober-multiple-mobile-browser-address-bar-spoofing-vulnerabilities/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Yandex Browser Address Bar Spooofing",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@rapid7.com",
"DATE_PUBLIC": "2020-10-20T13:00:00.000Z",
"ID": "CVE-2020-7369",
"STATE": "PUBLIC",
"TITLE": "Yandex Browser Address Bar Spooofing"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Yandex Browser",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "20.8.3",
"version_value": "20.8.3"
}
]
}
}
]
},
"vendor_name": "Yandex"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was discovered by Rafay Baloch, and disclosed in accordance with Rapid7\u0027s coordinated vulnerability disclosure policy at https://www.rapid7.com/security/disclosure#zeroday"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Yandex Browser version 20.8.3 and prior versions, and was fixed in version 20.8.4 released October 1, 2020."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-451 User Interface (UI) Misrepresentation of Critical Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html",
"refsource": "MISC",
"url": "https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html"
},
{
"name": "https://blog.rapid7.com/2020/10/20/vulntober-multiple-mobile-browser-address-bar-spoofing-vulnerabilities/",
"refsource": "MISC",
"url": "https://blog.rapid7.com/2020/10/20/vulntober-multiple-mobile-browser-address-bar-spoofing-vulnerabilities/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
"assignerShortName": "rapid7",
"cveId": "CVE-2020-7369",
"datePublished": "2020-10-20T16:40:24.201075Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-17T01:21:44.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15024 (GCVE-0-2019-15024)
Vulnerability from cvelistv5 – Published: 2019-12-30 14:39 – Updated: 2024-08-05 00:34
VLAI?
Summary
In all versions of ClickHouse before 19.14.3, an attacker having write access to ZooKeeper and who is able to run a custom server available from the network where ClickHouse runs, can create a custom-built malicious server that will act as a ClickHouse replica and register it in ZooKeeper. When another replica will fetch data part from the malicious replica, it can force clickhouse-server to write to arbitrary path on filesystem.
Severity ?
No CVSS data available.
CWE
- Arbitrary write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ClickHouse |
Affected:
All versions prior to version 19.14.3.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:34:53.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ClickHouse",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 19.14.3."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In all versions of ClickHouse before 19.14.3, an attacker having write access to ZooKeeper and who is able to run a custom server available from the network where ClickHouse runs, can create a custom-built malicious server that will act as a ClickHouse replica and register it in ZooKeeper. When another replica will fetch data part from the malicious replica, it can force clickhouse-server to write to arbitrary path on filesystem."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-30T14:39:00",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2019-15024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClickHouse",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 19.14.3."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all versions of ClickHouse before 19.14.3, an attacker having write access to ZooKeeper and who is able to run a custom server available from the network where ClickHouse runs, can create a custom-built malicious server that will act as a ClickHouse replica and register it in ZooKeeper. When another replica will fetch data part from the malicious replica, it can force clickhouse-server to write to arbitrary path on filesystem."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://clickhouse.yandex/docs/en/security_changelog/",
"refsource": "MISC",
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2019-15024",
"datePublished": "2019-12-30T14:39:00",
"dateReserved": "2019-08-13T00:00:00",
"dateUpdated": "2024-08-05T00:34:53.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16535 (GCVE-0-2019-16535)
Vulnerability from cvelistv5 – Published: 2019-12-30 14:35 – Updated: 2024-08-05 01:17
VLAI?
Summary
In all versions of ClickHouse before 19.14, an OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol.
Severity ?
No CVSS data available.
CWE
- DOS, RCE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ClickHouse |
Affected:
All versions prior to version 19.14.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:17:40.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ClickHouse",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 19.14."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In all versions of ClickHouse before 19.14, an OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DOS, RCE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-30T14:35:21",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2019-16535",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClickHouse",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 19.14."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all versions of ClickHouse before 19.14, an OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DOS, RCE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://clickhouse.yandex/docs/en/security_changelog/",
"refsource": "MISC",
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2019-16535",
"datePublished": "2019-12-30T14:35:21",
"dateReserved": "2019-09-19T00:00:00",
"dateUpdated": "2024-08-05T01:17:40.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18657 (GCVE-0-2019-18657)
Vulnerability from cvelistv5 – Published: 2019-10-31 18:55 – Updated: 2024-08-05 01:54
VLAI?
Summary
ClickHouse before 19.13.5.44 allows HTTP header injection via the url table function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:54:14.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ClickHouse/ClickHouse/pull/6466"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ClickHouse/ClickHouse/blob/master/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ClickHouse/ClickHouse/pull/7526/files"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ClickHouse before 19.13.5.44 allows HTTP header injection via the url table function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-31T18:55:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ClickHouse/ClickHouse/pull/6466"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ClickHouse/ClickHouse/blob/master/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ClickHouse/ClickHouse/pull/7526/files"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClickHouse before 19.13.5.44 allows HTTP header injection via the url table function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ClickHouse/ClickHouse/pull/6466",
"refsource": "MISC",
"url": "https://github.com/ClickHouse/ClickHouse/pull/6466"
},
{
"name": "https://github.com/ClickHouse/ClickHouse/blob/master/CHANGELOG.md",
"refsource": "MISC",
"url": "https://github.com/ClickHouse/ClickHouse/blob/master/CHANGELOG.md"
},
{
"name": "https://github.com/ClickHouse/ClickHouse/pull/7526/files",
"refsource": "MISC",
"url": "https://github.com/ClickHouse/ClickHouse/pull/7526/files"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18657",
"datePublished": "2019-10-31T18:55:55",
"dateReserved": "2019-10-31T00:00:00",
"dateUpdated": "2024-08-05T01:54:14.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14672 (GCVE-0-2018-14672)
Vulnerability from cvelistv5 – Published: 2019-08-15 17:54 – Updated: 2024-08-05 09:38
VLAI?
Summary
In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.
Severity ?
No CVSS data available.
CWE
- Path Traversal
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ClickHouse |
Affected:
All versions prior to version 18.12.13.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:13.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ClickHouse",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 18.12.13."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path Traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-15T17:54:05",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2018-14672",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClickHouse",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 18.12.13."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://clickhouse.yandex/docs/en/security_changelog/",
"refsource": "MISC",
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2018-14672",
"datePublished": "2019-08-15T17:54:05",
"dateReserved": "2018-07-27T00:00:00",
"dateUpdated": "2024-08-05T09:38:13.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14671 (GCVE-0-2018-14671)
Vulnerability from cvelistv5 – Published: 2019-08-15 17:46 – Updated: 2024-08-05 09:38
VLAI?
Summary
In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ClickHouse | ClickHouse |
Affected:
All versions prior to version 18.10.3.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:12.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ClickHouse",
"vendor": "ClickHouse",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 18.10.3."
}
]
}
],
"datePublic": "2019-08-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-15T17:46:03",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2018-14671",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClickHouse",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 18.10.3."
}
]
}
}
]
},
"vendor_name": "ClickHouse"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://clickhouse.yandex/docs/en/security_changelog/",
"refsource": "CONFIRM",
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2018-14671",
"datePublished": "2019-08-15T17:46:03",
"dateReserved": "2018-07-27T00:00:00",
"dateUpdated": "2024-08-05T09:38:12.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14669 (GCVE-0-2018-14669)
Vulnerability from cvelistv5 – Published: 2019-08-15 17:39 – Updated: 2024-08-05 09:38
VLAI?
Summary
ClickHouse MySQL client before versions 1.1.54390 had "LOAD DATA LOCAL INFILE" functionality enabled that allowed a malicious MySQL database read arbitrary files from the connected ClickHouse server.
Severity ?
No CVSS data available.
CWE
- Local File Disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ClickHouse |
Affected:
All versions prior to version 1.1.54390.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:12.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ClickHouse",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 1.1.54390."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ClickHouse MySQL client before versions 1.1.54390 had \"LOAD DATA LOCAL INFILE\" functionality enabled that allowed a malicious MySQL database read arbitrary files from the connected ClickHouse server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local File Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-15T17:39:30",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2018-14669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClickHouse",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 1.1.54390."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClickHouse MySQL client before versions 1.1.54390 had \"LOAD DATA LOCAL INFILE\" functionality enabled that allowed a malicious MySQL database read arbitrary files from the connected ClickHouse server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local File Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://clickhouse.yandex/docs/en/security_changelog/",
"refsource": "MISC",
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2018-14669",
"datePublished": "2019-08-15T17:39:30",
"dateReserved": "2018-07-27T00:00:00",
"dateUpdated": "2024-08-05T09:38:12.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14668 (GCVE-0-2018-14668)
Vulnerability from cvelistv5 – Published: 2019-08-15 17:31 – Updated: 2024-08-05 09:38
VLAI?
Summary
In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "default_database" fields which led to Cross Protocol Request Forgery Attacks.
Severity ?
No CVSS data available.
CWE
- Cross Protocol Request Forgery
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ClickHouse |
Affected:
All versions prior to version 1.1.54388.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:12.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ClickHouse",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 1.1.54388."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In ClickHouse before 1.1.54388, \"remote\" table function allowed arbitrary symbols in \"user\", \"password\" and \"default_database\" fields which led to Cross Protocol Request Forgery Attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Protocol Request Forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-15T17:31:24",
"orgId": "a51c9250-e584-488d-808b-03e6f1386796",
"shortName": "yandex"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "browser-security@yandex-team.ru",
"ID": "CVE-2018-14668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClickHouse",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 1.1.54388."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ClickHouse before 1.1.54388, \"remote\" table function allowed arbitrary symbols in \"user\", \"password\" and \"default_database\" fields which led to Cross Protocol Request Forgery Attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Protocol Request Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://clickhouse.yandex/docs/en/security_changelog/",
"refsource": "MISC",
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
"assignerShortName": "yandex",
"cveId": "CVE-2018-14668",
"datePublished": "2019-08-15T17:31:24",
"dateReserved": "2018-07-27T00:00:00",
"dateUpdated": "2024-08-05T09:38:12.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}