Описание
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- Third Party Advisory
- ExploitIssue TrackingVendor Advisory
- PatchVendor Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party Advisory
- ExploitIssue TrackingVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
7.3 High
CVSS3
Дефекты
Связанные уязвимости
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.
SQLite through 3.40.0, when relying on --safe for execution of an untr ...
EPSS
7.3 High
CVSS3