CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY FROM function to import arbitrary file content into database tables, resulting in information leakage.
View the template here CVE-2024-24565.yaml
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-24565