Your submission was sent successfully! Close

CVE-2020-11655

Published: 9 April 2020

SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
sqlite
Launchpad, Ubuntu, Debian
bionic Needs triage

eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

precise Does not exist

trusty Needs triage

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
sqlite3
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
eoan
Released (3.29.0-2ubuntu0.3)
focal
Released (3.31.1-4ubuntu0.1)
groovy Not vulnerable
(3.31.1-5)
hirsute Not vulnerable
(3.31.1-5)
impish Not vulnerable
(3.31.1-5)
jammy Not vulnerable
(3.31.1-5)
precise Not vulnerable
(code not present)
trusty Not vulnerable
(code not present)
upstream
Released (3.31.1-5)
xenial Not vulnerable
(code not present)