Unrated severityNVD Advisory· Published Aug 15, 2019· Updated Aug 5, 2024
CVE-2018-14672
CVE-2018-14672
Description
In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.
Affected products
2- ClickHouse/ClickHousedescription
- Range: < 18.12.13
Patches
Vulnerability mechanics
References
1- clickhouse.yandex/docs/en/security_changelog/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.