CVE search results

11 – 20 of 86 results

Detailed view

Sort by:

CVE-2024-0232

Medium priority

Not affected

A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application,...

2 affected packages

sqlite, sqlite3

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
sqlite	Not in release	Not in release	Not affected	Not affected	Not affected
sqlite3	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2023-7104

Medium priority

Fixed

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler....

2 affected packages

sqlite, sqlite3

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
sqlite	Not in release	Not in release	Not affected	Not affected	Not affected
sqlite3	Not affected	Not affected	Fixed	Fixed	Fixed

CVE-2023-36191

Low priority

Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

2 affected packages

sqlite, sqlite3

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
sqlite	—	—	Not affected	Not affected	Not affected
sqlite3	—	—	Not affected	Not affected	Not affected

CVE-2021-31239

Medium priority

Not affected

An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function.

2 affected packages

sqlite, sqlite3

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
sqlite	—	—	Not affected	Not affected	Not affected
sqlite3	—	—	Not affected	Not affected	Not affected

CVE-2020-24736

Medium priority

Needs evaluation

Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script.

2 affected packages

sqlite, sqlite3

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
sqlite	Not in release	Not in release	Needs evaluation	Needs evaluation	Needs evaluation
sqlite3	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2022-43441

Medium priority

Needs evaluation

A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attacker can provide malicious...

1 affected package

node-sqlite3

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
node-sqlite3	Not affected	Not affected	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-46908

Low priority

Some fixes available 1 of 2

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.

2 affected packages

sqlite, sqlite3

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
sqlite	—	—	Not affected	Not affected	Not affected
sqlite3	—	—	Fixed	Not affected	Not affected

CVE-2020-35527

Medium priority

Some fixes available 1 of 2

In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.

2 affected packages

sqlite, sqlite3

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
sqlite	—	—	Not affected	Not affected	Not affected
sqlite3	—	—	Not affected	Fixed	Ignored

CVE-2020-35525

Medium priority

Some fixes available 4 of 5

In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.

2 affected packages

sqlite, sqlite3

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
sqlite	—	Not in release	Not affected	Not affected	Not affected
sqlite3	—	Not affected	Not affected	Fixed	Fixed

CVE-2021-20223

Medium priority

Some fixes available 1 of 2

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

2 affected packages

sqlite, sqlite3

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
sqlite	—	—	Not affected	Not affected	Not affected
sqlite3	—	—	Not affected	Fixed	Not affected

Export to JSON

Results by page:

Search CVE reports