CVE-2024-41672 | DuckDB up to 1.0.0 /etc/hosts sniff_csv information disclosure (GHSA-w2gf-jxc9-pf2q)

A vulnerability has been found in DuckDB up to 1.0.0 and classified as problematic. This vulnerability affects the function sniff_csv of the file /etc/hosts. The manipulation leads to information disclosure.

This vulnerability was named CVE-2024-41672. The attack can be initiated remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-41672 | DuckDB up to 1.0.0 /etc/hosts sniff_csv information disclosure (GHSA-w2gf-jxc9-pf2q)