CVE-2021-45346
Published: 14 February 2022
A Memory Leak vulnerabilty exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicous user obtain sensitive information..
Priority
Low
CVSS 3 base score: 6.5
Status
| Package | Release | Status |
|---|---|---|
|
sqlite Launchpad, Ubuntu, Debian |
bionic |
Ignored
(vendor disputes CVE)
|
| focal |
Ignored
(vendor disputes CVE)
|
|
| impish |
Ignored
(vendor disputes CVE)
|
|
| jammy |
Ignored
(vendor disputes CVE)
|
|
| trusty |
Ignored
(vendor disputes CVE)
|
|
| upstream |
Ignored
(vendor disputes CVE)
|
|
| xenial |
Ignored
(end of standard support, was needs-triage)
|
|
|
sqlite3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(vendor disputes CVE)
|
| focal |
Ignored
(vendor disputes CVE)
|
|
| impish |
Ignored
(vendor disputes CVE)
|
|
| jammy |
Ignored
(vendor disputes CVE)
|
|
| trusty |
Ignored
(vendor disputes CVE)
|
|
| upstream |
Ignored
(vendor disputes CVE)
|
|
| xenial |
Ignored
(vendor disputes CVE)
|
Notes
| Author | Note |
|---|---|
| eslerm | disputed by upstream "Yes, you can do that in SQLite. You can also do it in just about every other RDBMS and every filesystem ever invented." |