Описание
A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| devel | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | not-affected | code not present |
| focal | not-affected | code not present |
| hirsute | ignored | end of life |
| impish | not-affected | code not present |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 3.22.0-1ubuntu0.5 |
| devel | not-affected | 3.36.0-2 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | released | 3.22.0-1ubuntu0.5 |
| esm-infra/focal | released | 3.31.1-4ubuntu0.3 |
| esm-infra/xenial | not-affected | code not present |
| focal | released | 3.31.1-4ubuntu0.3 |
| hirsute | ignored | end of life |
| impish | released | 3.35.5-1ubuntu0.1 |
| jammy | not-affected | 3.36.0-2 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.
A segmentation fault can occur in the sqlite3.exe command-line compone ...
Segmentation fault vulnerability in SQLite sqlite3 3.36.0 via the idxGetTableInfo function, in which a crafted SQL query can cause a denial of service
Уязвимость функции idxGetTableInfo компонента командной строки встраиваемой СУБД SQLite, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5 Medium
CVSS2
7.5 High
CVSS3