Unrated severityNVD Advisory· Published Apr 9, 2020· Updated Aug 4, 2024
CVE-2020-11656
CVE-2020-11656
Description
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- SQLite/SQLitedescription
- osv-coords8 versionspkg:apk/chainguard/mysql-8.0pkg:apk/chainguard/mysql-8.0-bitnami-compatpkg:apk/chainguard/mysql-8.0-clientpkg:apk/chainguard/mysql-8.0-devpkg:apk/chainguard/mysql-8.0-iamguarded-compatpkg:apk/chainguard/mysql-8.0-oci-entrypointpkg:apk/chainguard/mysql-8.0-oci-entrypoint-compatpkg:bitnami/sqlite
< 8.0.38-r0+ 7 more
- (no CPE)range: < 8.0.38-r0
- (no CPE)range: < 8.0.38-r0
- (no CPE)range: < 8.0.38-r0
- (no CPE)range: < 8.0.38-r0
- (no CPE)range: < 8.0.38-r0
- (no CPE)range: < 8.0.38-r0
- (no CPE)range: < 8.0.38-r0
- (no CPE)range: < 3.31.2
Patches
Vulnerability mechanics
References
11- security.freebsd.org/advisories/FreeBSD-SA-20:22.sqlite.ascmitrevendor-advisoryx_refsource_FREEBSD
- security.gentoo.org/glsa/202007-26mitrevendor-advisoryx_refsource_GENTOO
- cert-portal.siemens.com/productcert/pdf/ssa-389290.pdfmitrex_refsource_CONFIRM
- security.netapp.com/advisory/ntap-20200416-0001/mitrex_refsource_CONFIRM
- www.oracle.com/security-alerts/cpuApr2021.htmlmitrex_refsource_MISC
- www.oracle.com/security-alerts/cpujan2021.htmlmitrex_refsource_MISC
- www.oracle.com/security-alerts/cpujul2020.htmlmitrex_refsource_MISC
- www.oracle.com/security-alerts/cpuoct2020.htmlmitrex_refsource_MISC
- www.sqlite.org/src/info/d09f8c3621d5f7f8mitrex_refsource_MISC
- www.tenable.com/security/tns-2021-14mitrex_refsource_CONFIRM
- www3.sqlite.org/cgi/src/info/b64674919f673602mitrex_refsource_MISC
News mentions
1- ABB B&R Automation StudioCISA ICS Advisories