Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-7104

Опубликовано: 29 дек. 2023
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5.2
CVSS3: 5.5

Описание

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

DNE

esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
focal

not-affected

code not present
jammy

not-affected

code not present
lunar

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

not-affected

3.44.2-1
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

released

3.22.0-1ubuntu0.7+esm1
esm-infra/focal

not-affected

3.31.1-4ubuntu0.6
esm-infra/xenial

not-affected

code not present
focal

released

3.31.1-4ubuntu0.6
jammy

released

3.37.2-2ubuntu0.3
lunar

released

3.40.1-1ubuntu0.1
mantic

released

3.42.0-1ubuntu0.1

Показывать по

EPSS

Процентиль: 30%
0.00109
Низкий

5.2 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVSS3: 7.3
redhat
больше 1 года назад

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.

CVSS3: 5.5
nvd
больше 1 года назад

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.

CVSS3: 7.3
msrc
больше 1 года назад

Описание отсутствует

CVSS3: 5.5
debian
больше 1 года назад

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classifie ...

rocky
больше 1 года назад

Moderate: sqlite security update

EPSS

Процентиль: 30%
0.00109
Низкий

5.2 Medium

CVSS2

5.5 Medium

CVSS3