From thehackernews.com
Researchers have disclosed seven new security vulnerabilities in an open-source database management system solution called ClickHouse that could be weaponized to crash the servers, leak memory contents, and even lead to the execution of arbitrary code.
“The vulnerabilities require authentication, but can be triggered by any user with read permissions,” Uriya Yavnieli and Or Peles, researchers from DevSecOps firm JFrog, said in a report published Tuesday.