VYPR

rpm package

suse/sqlite3&distro=SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS

Vulnerabilities (25)

  • CVE-2019-19645Dec 9, 2019
    affected < 3.36.0-3.12.1fixed 3.36.0-3.12.1

    alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.

  • CVE-2019-19317Dec 5, 2019
    affected < 3.36.0-3.12.1fixed 3.36.0-3.12.1

    lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.

  • CVE-2019-19244Nov 25, 2019
    affected < 3.36.0-3.12.1fixed 3.36.0-3.12.1

    sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.

  • CVE-2015-3415Apr 24, 2015
    affected < 3.36.0-3.12.1fixed 3.36.0-3.12.1

    The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as

  • CVE-2015-3414Apr 24, 2015
    affected < 3.36.0-3.12.1fixed 3.36.0-3.12.1

    SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE cla

Page 2 of 2