ALT Linux Team

Package sqlite3 update in sisyphus on 2019-03-22

ALT-PU-2019-1492-1

Package sqlite3 updated to version 3.27.2-alt1 for branch sisyphus in task 225506.

Closed vulnerabilities

Published: 2019-12-09

BDU:2020-01436

Уязвимость системы управления базами данных SQLite, связанная с использованием памяти после освобождения, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (8.1) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2019-05-10
Modified: 2024-11-21

CVE-2019-5018

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.

Severity: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:

Closed bugs

Bug #36341

sqlite3: outdated sqlite

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top