ALT-PU-2020-1981-1
Closed vulnerabilities
Published: 2020-02-22
BDU:2020-03619
Уязвимость компонента isAuxiliaryVtabOperator системы управления базами данных SQLite, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2020-04-09
BDU:2021-00758
Уязвимость функции resetAccumulator из src/select.c системы управления базами данных SQLite, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2020-04-09
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2020-11655
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- [debian-lts-announce] 20200505 [SECURITY] [DLA 2203-1] sqlite3 security update
- [debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update
- FreeBSD-SA-20:22
- GLSA-202007-26
- https://security.netapp.com/advisory/ntap-20200416-0001/
- USN-4394-1
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.tenable.com/security/tns-2021-14
- https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11
- https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c
- https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11
- https://www.tenable.com/security/tns-2021-14
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- USN-4394-1
- https://security.netapp.com/advisory/ntap-20200416-0001/
- GLSA-202007-26
- FreeBSD-SA-20:22
- [debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update
- [debian-lts-announce] 20200505 [SECURITY] [DLA 2203-1] sqlite3 security update
Published: 2020-02-22
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2020-9327
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- GLSA-202003-16
- GLSA-202003-16
- https://security.netapp.com/advisory/ntap-20200313-0002/
- https://security.netapp.com/advisory/ntap-20200313-0002/
- USN-4298-1
- USN-4298-1
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.sqlite.org/cgi/src/info/4374860b29383380
- https://www.sqlite.org/cgi/src/info/4374860b29383380
- https://www.sqlite.org/cgi/src/info/9d0d4ab95dc0c56e
- https://www.sqlite.org/cgi/src/info/9d0d4ab95dc0c56e
- https://www.sqlite.org/cgi/src/info/abc473fb8fb99900
- https://www.sqlite.org/cgi/src/info/abc473fb8fb99900