rpm package
suse/sqlite3&distro=SUSE OpenStack Cloud 8
pkg:rpm/suse/sqlite3&distro=SUSE%20OpenStack%20Cloud%208
Vulnerabilities (28)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-15358 | Med | 5.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Jun 27, 2020 | In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. | |
| CVE-2020-13632 | Med | 5.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | May 27, 2020 | ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. | |
| CVE-2020-13631 | Med | 5.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | May 27, 2020 | SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. | |
| CVE-2020-13630 | Hig | 7.0 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | May 27, 2020 | ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | |
| CVE-2020-13435 | Med | 5.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | May 24, 2020 | SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. | |
| CVE-2020-13434 | Med | 5.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | May 24, 2020 | SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. | |
| CVE-2020-9327 | Hig | 7.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Feb 21, 2020 | In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. | |
| CVE-2019-19959 | Hig | 7.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Jan 3, 2020 | ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. | |
| CVE-2019-20218 | Hig | 7.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Jan 2, 2020 | selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. | |
| CVE-2019-19925 | Hig | 7.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Dec 24, 2019 | zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. | |
| CVE-2019-19924 | Med | 5.3 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Dec 24, 2019 | SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. | |
| CVE-2019-19923 | Hig | 7.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Dec 24, 2019 | flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). | |
| CVE-2019-19926 | Hig | 7.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Dec 23, 2019 | multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. | |
| CVE-2019-19880 | Hig | 7.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Dec 18, 2019 | exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. | |
| CVE-2019-19646 | Cri | 9.8 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Dec 9, 2019 | pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. | |
| CVE-2019-19603 | Hig | 7.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Dec 9, 2019 | SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. | |
| CVE-2019-19645 | Med | 5.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Dec 9, 2019 | alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. | |
| CVE-2019-19317 | Cri | 9.8 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Dec 5, 2019 | lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact. | |
| CVE-2019-19244 | Hig | 7.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Nov 25, 2019 | sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. | |
| CVE-2019-16168 | Med | 6.5 | < 3.36.0-9.18.1 | 3.36.0-9.18.1 | Sep 9, 2019 | In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." |
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.
- affected < 3.36.0-9.18.1fixed 3.36.0-9.18.1
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
Page 1 of 2