Описание
An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.
A flaw was found in SQLite. This information disclosure vulnerability exists within the zipfile extension, specifically in the zipfileInflate function. A remote attacker could exploit this by providing a specially crafted ZIP file. Successful exploitation could lead to the disclosure of sensitive heap memory information.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | sqlite | Fix deferred | ||
| Red Hat Enterprise Linux 6 | sqlite | Out of support scope | ||
| Red Hat Enterprise Linux 7 | sqlite | Fix deferred | ||
| Red Hat Enterprise Linux 8 | mingw-sqlite | Fix deferred | ||
| Red Hat Enterprise Linux 8 | nodejs:22/nodejs | Fix deferred | ||
| Red Hat Enterprise Linux 8 | nodejs:24/nodejs | Fix deferred | ||
| Red Hat Enterprise Linux 8 | rust-toolset:rhel8/rust | Fix deferred | ||
| Red Hat Enterprise Linux 8 | sqlite | Fix deferred | ||
| Red Hat Enterprise Linux 9 | nodejs:22/nodejs | Fix deferred | ||
| Red Hat Enterprise Linux 9 | nodejs:24/nodejs | Fix deferred |
Показывать по
Дополнительная информация
Статус:
3.3 Low
CVSS3
Связанные уязвимости
An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.
An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.
An information disclosure issue in the zipfileInflate function in the ...
An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.
3.3 Low
CVSS3