Описание
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
A flaw was found in the virtual table implementation of SQLite. This flaw allows an attacker who can execute SQL statements to rename a virtual table to the name of one of its shadow tables, leading to potential data corruption.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | sqlite | Out of support scope | ||
| Red Hat Enterprise Linux 6 | sqlite | Out of support scope | ||
| Red Hat Enterprise Linux 7 | sqlite | Will not fix | ||
| Red Hat Enterprise Linux 8 | sqlite | Fixed | RHSA-2020:4442 | 04.11.2020 |
| Red Hat Enterprise Linux 8 | mingw-binutils | Fixed | RHSA-2021:1968 | 18.05.2021 |
| Red Hat Enterprise Linux 8 | mingw-bzip2 | Fixed | RHSA-2021:1968 | 18.05.2021 |
| Red Hat Enterprise Linux 8 | mingw-filesystem | Fixed | RHSA-2021:1968 | 18.05.2021 |
| Red Hat Enterprise Linux 8 | mingw-sqlite | Fixed | RHSA-2021:1968 | 18.05.2021 |
| Red Hat Enterprise Linux 8 | sqlite | Fixed | RHSA-2020:4442 | 04.11.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
SQLite before 3.32.0 allows a virtual table to be renamed to the name ...
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
EPSS
5.5 Medium
CVSS3