Описание
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine.
A vulnerability was found in sqlite3. The flaw occurs due to a segmentation fault of an invalid toString() object. Users experience a fatal error when supplying a specific object in the parameter array due to this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | sqlite | Not affected | ||
| Red Hat Enterprise Linux 7 | sqlite | Not affected | ||
| Red Hat Enterprise Linux 8 | sqlite | Not affected | ||
| Red Hat Enterprise Linux 9 | sqlite | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine.
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine.
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service ( ...
Denial-of-Service when binding invalid parameters in sqlite3
Уязвимость компонента V8 системы управления базами данных SQLite позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3