CVE-2019-18657

CVE-2019-18657

ClickHouse before 19.13.5.44 allows HTTP header injection via the url table function.

Source: CVE-2019-18657