CVE-2022-35737

Опубликовано: 03 авг. 2022

Источник: ubuntu

Приоритет: medium

EPSS Средний

CVSS3: 7.5

Описание

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.

Релиз	Статус	Примечание
bionic	not-affected	code not present
devel	DNE
esm-apps/bionic	not-affected	code not present
esm-apps/focal	not-affected	code not present
esm-apps/jammy	not-affected	code not present
esm-apps/xenial	needed
esm-infra-legacy/trusty	not-affected	code not present
focal	not-affected	code not present
jammy	not-affected	code not present
kinetic	not-affected	code not present

Показывать по

Релиз	Статус	Примечание
bionic	released	3.22.0-1ubuntu0.7
devel	not-affected	3.39.3-1
esm-infra-legacy/trusty	not-affected	3.8.2-1ubuntu2.2+esm3
esm-infra/bionic	not-affected	3.22.0-1ubuntu0.7
esm-infra/focal	not-affected	3.31.1-4ubuntu0.5
esm-infra/xenial	released	3.11.0-1ubuntu1.5+esm2
focal	released	3.31.1-4ubuntu0.5
jammy	released	3.37.2-2ubuntu0.1
kinetic	not-affected	3.39.3-1
lunar	not-affected	3.39.3-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 98%

0.65609

Средний

7.5 High

CVSS3

Связанные уязвимости

CVE-2022-35737

CVSS3: 5.9

redhat

почти 3 года назад

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.

CVE-2022-35737

CVSS3: 7.5

nvd

почти 3 года назад

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.

CVE-2022-35737

msrc

больше 1 года назад

MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow

CVE-2022-35737

CVSS3: 7.5

debian

почти 3 года назад

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-b ...

RLSA-2023:0339

rocky

больше 2 лет назад

Moderate: sqlite security update

EPSS

Процентиль: 98%

0.65609

Средний

7.5 High

CVSS3

CVE-2022-35737

Описание

Пакет sqlite

Пакет sqlite3

Ссылки на источники

Связанные уязвимости