CVE-2022-46908

Опубликовано: 12 дек. 2022

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS3: 7.3

Описание

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.

Релиз	Статус	Примечание
bionic	not-affected	code not present
devel	DNE
esm-apps/bionic	not-affected	code not present
esm-apps/focal	not-affected	code not present
esm-apps/jammy	not-affected	code not present
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	not-affected	code not present
focal	not-affected	code not present
jammy	not-affected	code not present
kinetic	not-affected	code not present

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	code not present
devel	not-affected	3.40.1-1
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	not-affected	code not present
esm-infra/focal	not-affected	code not present
esm-infra/xenial	not-affected	code not present
focal	not-affected	code not present
jammy	released	3.37.2-2ubuntu0.3
kinetic	ignored	end of life, was needed
lunar	not-affected	3.40.1-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 28%

0.00097

Низкий

7.3 High

CVSS3

Связанные уязвимости

CVE-2022-46908

CVSS3: 7.3

redhat

почти 3 года назад

CVE-2022-46908

CVSS3: 7.3

nvd

почти 3 года назад

CVE-2022-46908

CVSS3: 7.3

msrc

почти 3 года назад

SQLite through 3.40.0 when relying on --safe for execution of an untrusted CLI script does not properly implement the azProhibitedFunctions protection mechanism and instead allows UDF functions such as WRITEFILE.

CVE-2022-46908

CVSS3: 7.3

debian

почти 3 года назад

SQLite through 3.40.0, when relying on --safe for execution of an untr ...

SUSE-SU-2023:2668-1

suse-cvrf

больше 2 лет назад

Security update for sqlite3

EPSS

Процентиль: 28%

0.00097

Низкий

7.3 High

CVSS3

CVE-2022-46908

Описание

Пакет sqlite

Пакет sqlite3

Ссылки на источники

Связанные уязвимости