CVE-2020-11655
https://notcve.org/view.php?id=CVE-2020-11655
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. SQLite versiones hasta 3.31.1, permite a atacantes causar una denegación de servicio (fallo de segmentación) por medio de una consulta de una función de window malformada porque la inicialización el objeto AggInfo es manejada inapropiadamente. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://lists.debian.org/debian-lts-announce/2020/05/msg00006.html https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc https://security.gentoo.org/glsa/202007-26 https://security.netapp.com/advisory/ntap-20200416-0001 https://usn.ubuntu.com/4394-1 https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security- • CWE-665: Improper Initialization •
CVE-2020-11656
https://notcve.org/view.php?id=CVE-2020-11656
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. En SQLite versiones hasta 3.31.1, la implementación de ALTER TABLE presenta un uso de la memoria previamente liberada, como es demostrado por una cláusula ORDER BY que pertenece a una sentencia SELECT compuesta. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc https://security.gentoo.org/glsa/202007-26 https://security.netapp.com/advisory/ntap-20200416-0001 https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.sqlite.org/src/info/d09f8c3621d5 • CWE-416: Use After Free •
CVE-2020-9327 – sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations
https://notcve.org/view.php?id=CVE-2020-9327
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. En SQLite versión 3.31.1, la función isAuxiliaryVtabOperator permite a atacantes desencadenar una desreferencia del puntero NULL y un fallo de segmentación debido a las optimizaciones de columna generadas. A NULL pointer dereference was found in SQLite in the way it executes select statements with column optimizations. An attacker who is able to execute SQL statements can use this flaw to crash the application. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://security.gentoo.org/glsa/202003-16 https://security.netapp.com/advisory/ntap-20200313-0002 https://usn.ubuntu.com/4298-1 https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.sqlite.org/cgi/src/info/4374860b29383380 https://www.sqlite. • CWE-476: NULL Pointer Dereference •
CVE-2019-19959 – sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames
https://notcve.org/view.php?id=CVE-2019-19959
ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. El archivo ext/misc/zipfile.c en SQLite versión 3.30.1, maneja inapropiadamente ciertos usos de INSERT INTO en situaciones que involucran caracteres "\0" insertados en los nombres de archivo, conllevando a un error de administración de memoria que puede ser detectado por valgrind (por ejemplo). • https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec https://github.com/sqlite/sqlite/commit/d8f2d46cbc9925e034a68aaaf60aad788d9373c1 https://security.netapp.com/advisory/ntap-20200204-0001 https://usn.ubuntu.com/4298-1 https://www.oracle.com/security-alerts/cpuapr2020.html https://access.redhat.com/security/cve/CVE-2019-19959 https://bugzilla.redhat.com/show_bug.cgi?id=1789595 • CWE-626: Null Byte Interaction Error (Poison Null Byte) •
CVE-2019-20218 – sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error
https://notcve.org/view.php?id=CVE-2019-20218
selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. La función selectExpander en el archivo select.c en SQLite versión 3.30.1, continúa con el despliegue de la pila WITH incluso después de un error de análisis. • https://github.com/sqlite/sqlite/commit/a6c1a71cde082e09750465d5675699062922e387 https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://lists.debian.org/debian-lts-announce/2020/12/msg00016.html https://security.gentoo.org/glsa/202007-26 https://usn.ubuntu.com/4298-1 https://www.oracle.com/security-alerts/cpuapr2020.html https://access.redhat.com/security/cve/CVE-2019-20218 https://bugzilla.redhat.com/show_bug.cgi?id=1791313 • CWE-391: Unchecked Error Condition CWE-755: Improper Handling of Exceptional Conditions •