Arbitrary File Read Vulnerability in ClickHouse Functions for Loading CatBoost Models
CVE-2018-14672 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.
Learn more about our Web Application Penetration Testing UK.