Unrated severityNVD Advisory· Published Apr 9, 2020· Updated Aug 4, 2024
CVE-2020-11656
CVE-2020-11656
Description
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
Affected products
1- SQLite/SQLitedescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- security.freebsd.org/advisories/FreeBSD-SA-20:22.sqlite.ascmitrevendor-advisoryx_refsource_FREEBSD
- security.gentoo.org/glsa/202007-26mitrevendor-advisoryx_refsource_GENTOO
- cert-portal.siemens.com/productcert/pdf/ssa-389290.pdfmitrex_refsource_CONFIRM
- security.netapp.com/advisory/ntap-20200416-0001/mitrex_refsource_CONFIRM
- www.oracle.com/security-alerts/cpuApr2021.htmlmitrex_refsource_MISC
- www.oracle.com/security-alerts/cpujan2021.htmlmitrex_refsource_MISC
- www.oracle.com/security-alerts/cpujul2020.htmlmitrex_refsource_MISC
- www.oracle.com/security-alerts/cpuoct2020.htmlmitrex_refsource_MISC
- www.sqlite.org/src/info/d09f8c3621d5f7f8mitrex_refsource_MISC
- www.tenable.com/security/tns-2021-14mitrex_refsource_CONFIRM
- www3.sqlite.org/cgi/src/info/b64674919f673602mitrex_refsource_MISC
News mentions
1- ABB B&R Automation StudioCISA ICS Advisories