Описание
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
A NULL pointer dereference flaw was found in SQLite when rewriting select statements for window functions. This flaw allows an attacker who can execute SQL statements, to crash the application, resulting in a denial of service.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | sqlite | Out of support scope | ||
| Red Hat Enterprise Linux 6 | sqlite | Out of support scope | ||
| Red Hat Enterprise Linux 7 | sqlite | Will not fix | ||
| Red Hat Enterprise Linux 8 | sqlite | Fixed | RHSA-2021:4396 | 09.11.2021 |
| Red Hat Enterprise Linux 8 | sqlite | Fixed | RHSA-2021:4396 | 09.11.2021 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1841231sqlite: NULL pointer dereference in sqlite3ExprCodeTarget()
EPSS
Процентиль: 3%
0.0002
Низкий
5.5 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.5
ubuntu
около 5 лет назад
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
CVSS3: 5.5
nvd
около 5 лет назад
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
CVSS3: 5.5
debian
около 5 лет назад
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarge ...
CVSS3: 5.5
github
около 3 лет назад
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
EPSS
Процентиль: 3%
0.0002
Низкий
5.5 Medium
CVSS3