Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| yandex | clickhouse | affected |
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2021-29362 | Divide-by-zero in Clickhouse's Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0. |
Wed, 25 Jun 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Clickhouse
Clickhouse clickhouse |
|
| CPEs | cpe:2.3:a:clickhouse:clickhouse:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Yandex
Yandex clickhouse |
Clickhouse
Clickhouse clickhouse |
MITRE
Status: PUBLISHED
Assigner: JFROG
Published:
Updated: 2024-08-04T03:30:38.353Z
Reserved: 2021-10-14T00:00:00.000Z
Link: CVE-2021-42391
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-03-14T23:15:08.113
Modified: 2025-06-25T20:49:29.357
Link: CVE-2021-42391
Redhat
No data.
OpenCVE Enrichment
No data.