ALT-PU-2024-2509-2
Closed vulnerabilities
Published: 2023-12-29
BDU:2024-00480
Уязвимость функции sessionReadRecord файла ext/session/sqlite3session.c системы управления базами данных SQLite, позволяющая нарушителю оказать влияние на конфиденциальность, целостность и доступность
Severity: HIGH (7.3)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References:
Published: 2023-12-29
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2023-7104
A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.
Severity: HIGH (7.3)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References:
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/
- https://security.netapp.com/advisory/ntap-20240112-0008/
- https://security.netapp.com/advisory/ntap-20240112-0008/
- https://sqlite.org/forum/forumpost/5bcbf4571c
- https://sqlite.org/forum/forumpost/5bcbf4571c
- https://sqlite.org/src/info/0e4e7a05c4204b47
- https://sqlite.org/src/info/0e4e7a05c4204b47
- https://vuldb.com/?ctiid.248999
- https://vuldb.com/?ctiid.248999
- https://vuldb.com/?id.248999
- https://vuldb.com/?id.248999