Описание
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 3.19.3-3 |
| bionic | not-affected | 3.22.0-1 |
| cosmic | not-affected | 3.22.0-1 |
| devel | not-affected | 3.22.0-1 |
| disco | not-affected | 3.22.0-1 |
| esm-infra-legacy/trusty | released | 3.8.2-1ubuntu2.2+esm1 |
| esm-infra/bionic | not-affected | 3.22.0-1 |
| esm-infra/xenial | released | 3.11.0-1ubuntu1.2 |
| precise/esm | not-affected | code not present |
| trusty | ignored | end of standard support |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3 ...
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3