CVE-2021-42391
N/A
N/A
Summary
Divide-by-zero in Clickhouse's Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| yandex | clickhouse | unspecified < 21.10.2.15-stable | affected |
Weaknesses
- CWE-369: CWE-369
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.