Lucene search
K

70 matches found

Prion
Prion
added 2019/08/15 6:15 p.m.21 views

Path traversal

In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages...

5CVSS5.4AI score0.01741EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2019/08/15 6:15 p.m.19 views

CVE-2018-14672

In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages...

5.3CVSS6.2AI score0.01741EPSS
Exploits0References2
OSV
OSV
added 2019/08/15 6:15 p.m.5 views

UBUNTU-CVE-2018-14672

In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages...

5.3CVSS6.1AI score0.01741EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/08/15 5:54 p.m.28 views

CVE-2018-14672

In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages...

5.5AI score0.01741EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/08/15 12:0 a.m.4 views

PT-2019-9043 · Yandex · Clickhouse

Name of the Vulnerable Software and Affected Versions: ClickHouse versions prior to 18.12.13 Description: The issue allows path traversal and reading of arbitrary files through error messages in functions for loading CatBoost models. Recommendations: For versions prior to 18.12.13, update to...

5.3CVSS5.3AI score0.01741EPSS
Exploits0References8
vulnersOsv
vulnersOsv
added 2019/03/14 3:41 p.m.7 views

ai.catboost:catboost-spark_2.3_2.11 (>=0.25 <=1.2.7), ai.h2o:sparkling-water-examples_2.11 (>=2.3.0 <=2.3.6) +165 more potentially affected by CVE-2018-1334 via org.apache.spark:spark-core_2.11 (=2.3.0)

org.apache.spark:spark-core2.11 MAVEN version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.spark:spark-core2.11 and may be impacted: - ai.catboost:catboost-spark2.32.11 =0.25, =2.3.0, =2.3.0, =0.0.3, =1.0, =0.1.0, =1.0, =0.4.0,...

4.7CVSS5.8AI score0.00504EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/11/09 5:41 p.m.6 views

ae.teletronics.nlp:entityextraction (=1.3), ae.teletronics.nlp:w2vec (=1.0) +1038 more potentially affected by CVE-2018-11770 via org.apache.spark:spark-core_2.11 (>=1.2.0 <=2.3.2)

org.apache.spark:spark-core2.11 MAVEN version =1.2.0, =0.25, =0.42.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2018-11770 Source advisory: OSV:GHSA-W4R4-65MG-45X2...

4.9CVSS6AI score0.6583EPSS
Exploits2
ClickHouse
ClickHouse
added 2018/09/10 12:0 a.m.26 views

Fixed in ClickHouse Release 18.12.13, 2018-09-10 

Functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages...

5CVSS4.6AI score0.01741EPSS
Exploits0Affected Software1
ClickHouse
ClickHouse
added 2018/09/10 12:0 a.m.16 views

Fixed in ClickHouse Release 18.12.13, 2018-09-10​

Functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages...

4.6AI score
Exploits0Affected Software1
ClickHouse
ClickHouse
added 2018/09/10 12:0 a.m.15 views

CVE-2018-14672

Functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages. Andrey Krasichkov of Yandex Information Security Team...

5.3CVSS5.5AI score0.01741EPSS
Exploits0
Rows per page
Query Builder