CVE-2018-14672

Summary

In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.

Affected Software

VendorProductVersion RangeStatus
n/aClickHouseAll versions prior to version 18.12.13.affected

Weaknesses

  • Path Traversal

ADP Enrichment

CVE Program Container

Additional References

References