pkg:maven/ru.yandex.clickhouse/clickhouse-jdbc-bridge
Type
maven
Namespace
ru.yandex.clickhouse
Name
clickhouse-jdbc-bridge
Known advisories, vulnerabilities and fixes for ru.yandex.clickhouse/clickhouse-jdbc-bridge package.
High
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 2.0.7 | MAVEN:GHSA-3W6P-8F82-GW8R | Using JMSAppender in log4j configuration may lead to deserialization of untrusted data | high |
2021-12-17T20:42:38
(2 years ago) |
||
Fixed | = 2.0.7 | MAVEN:GHSA-3W6P-8F82-GW8R | Using JMSAppender in log4j configuration may lead to deserialization of untrusted data | high |
2021-12-17T20:42:38
(2 years ago) |