High severity7.5NVD Advisory· Published Oct 12, 2017· Updated May 13, 2026

CVE-2017-15286

Description

SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where sqlite3_step(pStmt)==SQLITE_ROW is false and a data structure is never initialized.

Affected products

SQLite/SQLite
cpe:2.3:a:sqlite:sqlite:3.20.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/Ha0Team/crash-of-sqlite3/blob/master/poc.mdnvdExploitThird Party Advisory
www.securityfocus.com/bid/101285nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000