Vulnerability Details CVE-2018-14672
In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.1%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2018-14672
-
cpe:2.3:a:clickhouse:clickhouse:-
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54011
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54019
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54020
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54022
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54023
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54030
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54046
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54074
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54080
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54083
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54112
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54127
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54131
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54133
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54134
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54135
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54144
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54159
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54165
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54181
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54188
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54190
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54198
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54231
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54236
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54242
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54245
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54276
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54282
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54284
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54289
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54292
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54304
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54310
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54318
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54327
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54335
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54336
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54337
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54342
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54343
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54358
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54362
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54370
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54378
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54380
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54381
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54383
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54385
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54388
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54390
-
cpe:2.3:a:clickhouse:clickhouse:1.1.54394
-
cpe:2.3:a:clickhouse:clickhouse:18.1.0
-
cpe:2.3:a:clickhouse:clickhouse:18.10.3
-
cpe:2.3:a:clickhouse:clickhouse:18.4.0
-
cpe:2.3:a:clickhouse:clickhouse:18.5.1
-
cpe:2.3:a:clickhouse:clickhouse:18.6.0