Описание
In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 18.16.1+ds-7.3build2 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/focal | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | 18.16.1+ds-7 |
| groovy | ignored | end of life |
| hirsute | ignored | end of life |
| impish | ignored | end of life |
Показывать по
10
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.3
nvd
больше 6 лет назад
In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.
CVSS3: 5.3
github
больше 3 лет назад
In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.
5 Medium
CVSS2
5.3 Medium
CVSS3