Search CVE reports
21 – 30 of 81 results
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud...
2 affected packages
sqlite, sqlite3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
sqlite | Not in release | Not affected | Not affected | Not affected |
sqlite3 | Not affected | Not affected | Not affected | Not affected |
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.
1 affected package
sqlite3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
sqlite3 | — | — | — | Fixed |
Some fixes available 1 of 4
In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.
2 affected packages
sqlite, sqlite3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
sqlite | — | Not affected | Not affected | Not affected |
sqlite3 | — | Not affected | Fixed | Ignored |
Some fixes available 4 of 5
In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.
2 affected packages
sqlite, sqlite3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
sqlite | Not in release | Not affected | Not affected | Not affected |
sqlite3 | Not affected | Not affected | Fixed | Fixed |
Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script.
2 affected packages
sqlite, sqlite3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
sqlite | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
sqlite3 | Not affected | Not affected | Not affected | Not affected |
Some fixes available 1 of 2
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
2 affected packages
sqlite, sqlite3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
sqlite | — | — | Not affected | Not affected |
sqlite3 | — | — | Fixed | Not affected |
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
2 affected packages
sqlite, sqlite3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
sqlite | — | — | Not affected | Not affected |
sqlite3 | — | — | Not affected | Not affected |
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
2 affected packages
sqlite3, sqlite
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
sqlite3 | — | — | Fixed | Fixed |
sqlite | — | — | Not affected | Not affected |
Some fixes available 2 of 10
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
2 affected packages
sqlite, sqlite3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
sqlite | — | — | Ignored | Ignored |
sqlite3 | — | — | Fixed | Ignored |
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
2 affected packages
sqlite3, sqlite
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
sqlite3 | — | — | Fixed | Fixed |
sqlite | — | — | Not affected | Not affected |