Описание
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
Ссылки
- Third Party Advisory
- Patch
- Third Party Advisory
- Release Notes
- Vendor Advisory
Уязвимые конфигурации
EPSS
5.6 Medium
CVSS3
7.5 High
CVSS3
Дефекты
Связанные уязвимости
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_ ...
An issue in sqlite v.3.49.0 allows an attacker to cause a denial of service via the SQLITE_DBCONFIG_LOOKASIDE component
Уязвимость функции sqlite3_db_config() файла sqlite3.c системы управления базами данных SQLite, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.6 Medium
CVSS3
7.5 High
CVSS3