CVE-2018-14672

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-14672
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14672.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-14672
Downstream
Published
2019-08-15T18:15:13.930Z
Modified
2026-04-10T04:17:23.232603Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.

References

Affected packages

Git / github.com/clickhouse/clickhouse

Affected ranges

Type
GIT
Repo
https://github.com/clickhouse/clickhouse
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5772699e9c461d1c5f9f0a6f6f24cd29d3035e17
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "18.12.13"
        }
    ]
}

Affected versions

Other
53973
53974
53975
53976
53977
53978
53979
53980
53981
53982
53983
53984
53985
53986
53987
53988
53989
53990
53991
53992
53993
53994
53995
53996
53997
53999
54000
54001
54002
54003
54004
54005
54006
54007
54008
54009
54010
54011
v1.*
v1.1.1-testing
v1.1.3-testing
v1.1.54011-stable
v1.1.54011-testing
v1.1.54012-testing
v1.1.54015-testing
v1.1.54016-testing
v1.1.54017-testing
v1.1.54018-testing
v1.1.54019-stable
v1.1.54019-testing
v1.1.54020-stable
v1.1.54020-testing
v1.1.54021-testing
v1.1.54022-stable
v1.1.54022-testing
v1.1.54025-testing
v1.1.54026-testing
v1.1.54027-testing
v1.1.54028-testing
v1.1.54029-testing
v1.1.54030-stable
v1.1.54030-testing
v1.1.54031-testing
v1.1.54033-testing
v1.1.54034-testing
v1.1.54035-testing
v1.1.54036-testing
v1.1.54037-testing
v1.1.54038-testing
v1.1.54039-testing
v1.1.54040-testing
v1.1.54041-testing
v1.1.54042-testing
v1.1.54043-testing
v1.1.54044-testing
v1.1.54045-testing
v1.1.54047-testing
v1.1.54048-testing
v1.1.54049-testing
v1.1.54050-testing
v1.1.54051-testing
v1.1.54052-testing
v1.1.54053-testing
v1.1.54054-testing
v1.1.54055-testing
v1.1.54056-testing
v1.1.54057-testing
v1.1.54060-testing
v1.1.54064-testing
v1.1.54068-testing
v1.1.54069-testing
v1.1.54070-testing
v1.1.54072-testing
v1.1.54073-testing
v1.1.54074-stable
v1.1.54074-testing
v1.1.54076-testing
v1.1.54077-testing
v1.1.54078-testing
v1.1.54079-testing
v1.1.54080-stable
v1.1.54080-testing
v1.1.54083-stable
v1.1.54083-testing
v1.1.54092-testing
v1.1.54093-testing
v1.1.54095-testing
v1.1.54096-testing
v1.1.54097-testing
v1.1.54098-testing
v1.1.54099-testing
v1.1.54100-testing
v1.1.54101-testing
v1.1.54102-testing
v1.1.54103-testing
v1.1.54104-testing
v1.1.54105-testing
v1.1.54106-testing
v1.1.54107-testing
v1.1.54108-testing
v1.1.54109-testing
v1.1.54110-testing
v1.1.54111-testing
v1.1.54112-stable
v1.1.54112-testing
v1.1.54113-testing
v1.1.54115-testing
v1.1.54197-testing
v1.1.54199-testing
v1.1.54200-testing
v1.1.54201-testing
v1.1.54202-testing
v1.1.54203-testing
v1.1.54204-testing
v1.1.54207-testing
v1.1.54209-testing
v1.1.54210-testing
v1.1.54211-testing
v1.1.54212-testing
v1.1.54223-testing
v1.1.54225-testing
v1.1.54226-testing
v1.1.54227-testing
v1.1.54228-testing
v1.1.54229-testing
v1.1.54230-testing
v1.1.54232-testing
v1.1.54233-testing
v1.1.54236-stable
v1.1.54236-testing
v1.1.54238-testing
v1.1.54240-testing
v1.1.54241-testing
v1.1.54242-stable
v1.1.54242-testing
v1.1.54243-testing
v1.1.54246-testing
v1.1.54247-testing
v1.1.54248-testing
v1.1.54251-testing
v1.1.54252-testing
v1.1.54253-testing
v1.1.54259-testing
v1.1.54260-testing
v1.1.54262-testing
v1.1.54263-testing
v1.1.54265-testing
v1.1.54267-testing
v1.1.54268-testing
v1.1.54269-testing
v1.1.54271-testing
v1.1.54273-testing
v1.1.54274-testing
v1.1.54278-testing
v1.1.54279-testing
v1.1.54280-testing
v1.1.54286-testing
v1.1.54292-stable
v1.1.54292-testing
v1.1.54297-testing
v1.1.54300-testing
v1.1.54307-testing
v1.1.54308-testing
v1.1.54310-stable
v1.1.54310-testing
v1.1.54312-testing
v1.1.54322-testing
v1.1.54323-testing
v1.1.54324-testing
v1.1.54325-testing
v1.1.54326-testing
v1.1.54329-testing
v1.1.54330-testing
v1.1.54331-testing
v1.1.54332-testing
v1.1.54333-testing
v1.1.54334-testing
v1.1.54335-stable
v1.1.54335-testing
v1.1.54336-stable
v1.1.54336-testing
v1.1.54337-stable
v1.1.54337-testing
v1.1.54338-testing
v1.1.54339-testing
v1.1.54340-testing
v1.1.54341-testing
v1.1.54342-stable
v1.1.54342-testing
v1.1.54343-stable
v1.1.54343-testing
v1.1.54344-testing
v1.1.54345-testing
v1.1.54346-testing
v1.1.54347-testing
v1.1.54348-testing
v1.1.54349-testing
v1.1.54350-testing
v1.1.54353-testing
v1.1.54354-testing
v1.1.54355-testing
v1.1.54356-testing
v1.1.54358-stable
v1.1.54358-testing
v1.1.54362-stable
v1.1.54362-testing
v1.1.54363-testing
v1.1.54364-testing
v1.1.54365-testing
v1.1.54366-testing
v1.1.54369-testing
v1.1.54370-stable
v1.1.54370-testing
v1.1.54371-testing
v1.1.54373-testing
v1.1.54376-testing
v1.1.54377-testing
v1.1.54378-stable
v1.1.54378-testing
v1.1.54380-stable
v1.1.54380-testing
v1.1.54386-testing
v1.1.54387-testing
v1.1.54388-stable
v1.1.54388-testing
v1.1.54390-stable
v1.1.54390-testing
v1.1.54391-testing
v1.1.54393-testing
v1.1.54394-stable
v1.1.54394-testing
v1.1.54396-testing
v1.1.54397-testing
v1.1.54398-testing
v18.*
v18.1.0-stable
v18.1.0-testing
v18.10.0-testing
v18.10.2-testing
v18.10.3-stable
v18.10.3-testing
v18.12.0-testing
v18.12.1-testing
v18.12.12-testing
v18.12.2-testing
v18.12.3-testing
v18.12.5-testing
v18.12.7-testing
v18.2.0-testing
v18.4.0-stable
v18.4.0-testing
v18.5.0-testing
v18.6.0-stable
v18.6.0-testing
v18.7.0-testing
v18.8.0-testing
v18.9.0-testing

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14672.json"