Описание
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | |
| cosmic | not-affected | |
| devel | released | 3.27.2-3 |
| disco | released | 3.27.2-2ubuntu0.2 |
| eoan | released | 3.27.2-3 |
| esm-infra-legacy/trusty | not-affected | |
| esm-infra/bionic | not-affected | |
| esm-infra/xenial | not-affected | |
| precise/esm | not-affected | |
| trusty/esm | not-affected |
Показывать по
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.
An exploitable use after free vulnerability exists in the window funct ...
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.
Уязвимость системы управления базами данных SQLite, связанная с использованием памяти после освобождения, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3