Your submission was sent successfully! Close

CVE-2019-13734

Published: 10 December 2019

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
bionic
Released (79.0.3945.79-0ubuntu0.18.04.1)
disco
Released (79.0.3945.79-0ubuntu0.19.04.3)
eoan
Released (79.0.3945.79-0ubuntu0.19.10.2)
focal
Released (79.0.3945.79-0ubuntu1)
groovy
Released (79.0.3945.79-0ubuntu1)
hirsute
Released (79.0.3945.79-0ubuntu1)
impish
Released (79.0.3945.79-0ubuntu1)
jammy
Released (79.0.3945.79-0ubuntu1)
precise Does not exist

trusty Does not exist

upstream
Released (79.0.3945.79-1)
xenial
Released (79.0.3945.79-0ubuntu0.16.04.1)
sqlite
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

precise Does not exist

trusty Needs triage

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
Patches:
upstream: https://www.sqlite.org/src/info/51525f9c3235967b
upstream: https://github.com/sqlite/sqlite/commit/c72f2fb7feff582444b8ffdc6c900c69847ce8a9


sqlite3
Launchpad, Ubuntu, Debian
bionic
Released (3.22.0-1ubuntu0.3)
disco Ignored
(reached end-of-life)
eoan
Released (3.29.0-2ubuntu0.2)
focal Not vulnerable
(3.31.1-1ubuntu1)
groovy Not vulnerable
(3.31.1-1ubuntu1)
hirsute Not vulnerable
(3.31.1-1ubuntu1)
impish Not vulnerable
(3.31.1-1ubuntu1)
jammy Not vulnerable
(3.31.1-1ubuntu1)
precise Ignored
(end of ESM support, was needs-triage)
trusty
Released (3.8.2-1ubuntu2.2+esm2)
upstream Needs triage

xenial
Released (3.11.0-1ubuntu1.4)
Patches:


upstream: https://www.sqlite.org/src/info/51525f9c3235967b
upstream: https://github.com/sqlite/sqlite/commit/c72f2fb7feff582444b8ffdc6c900c69847ce8a9