Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-0232

Опубликовано: 16 янв. 2024
Источник: debian
EPSS Низкий

Описание

A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
sqlite3fixed3.43.2-1package
sqlite3not-affectedbookwormpackage
sqlite3not-affectedbullseyepackage
sqlite3not-affectedbusterpackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=2243754

  • https://sqlite.org/forum/forumpost/4aa381993a

  • https://sqlite.org/forum/forumpost/b25edc1d46

  • https://sqlite.org/src/info/a163fecca90cab9d (v3.43.2)

  • Introduced by: https://sqlite.org/src/info/2dbb22c75e86f2e3 (v3.43.0)

EPSS

Процентиль: 4%
0.00018
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2024-0232

CVSS3: 4.7
ubuntu
около 2 лет назад

A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.

redhat логотип

CVE-2024-0232

CVSS3: 4.7
redhat
больше 2 лет назад

A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.

nvd логотип

CVE-2024-0232

CVSS3: 4.7
nvd
около 2 лет назад

A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.

github логотип

GHSA-3r49-2w65-cxgr

CVSS3: 4.7
github
около 2 лет назад

A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.

EPSS

Процентиль: 4%
0.00018
Низкий