rpm package
suse/sqlite3&distro=SUSE Linux Enterprise Module for Basesystem 15 SP3
pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3
Vulnerabilities (23)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-19244 | — | < 3.36.0-3.12.1 | 3.36.0-3.12.1 | Nov 25, 2019 | sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. | ||
| CVE-2015-3415 | — | < 3.36.0-3.12.1 | 3.36.0-3.12.1 | Apr 24, 2015 | The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as | ||
| CVE-2015-3414 | — | < 3.36.0-3.12.1 | 3.36.0-3.12.1 | Apr 24, 2015 | SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE cla |
- CVE-2019-19244Nov 25, 2019affected < 3.36.0-3.12.1fixed 3.36.0-3.12.1
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.
- CVE-2015-3415Apr 24, 2015affected < 3.36.0-3.12.1fixed 3.36.0-3.12.1
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as
- CVE-2015-3414Apr 24, 2015affected < 3.36.0-3.12.1fixed 3.36.0-3.12.1
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE cla
Page 2 of 2