CVE-2018-14672

Summary: 
In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.
Published: 
Thursday, August 15, 2019 - 14:15
cvss: