VYPR

Go modules package

github.com/clickhouse/ch-go

pkg:golang/github.com/clickhouse/ch-go

Vulnerabilities (1)

  • CVE-2025-1386Apr 11, 2025
    affected < 0.65.0fixed 0.65.0

    When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream.