Search CVE reports
1 – 10 of 78 results
CVE-2024-35515
Medium priorityInsecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code.
1 affected packages
sqlitedict
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sqlitedict | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-0232
Medium priorityA heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application,...
2 affected packages
sqlite, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sqlite | Not in release | Not affected | Not affected | Not affected | Not affected |
| sqlite3 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2023-7104
Medium priorityA vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler....
2 affected packages
sqlite, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sqlite | Not in release | Not affected | Not affected | Not affected | Not affected |
| sqlite3 | Not affected | Fixed | Fixed | Fixed | Not affected |
CVE-2023-32697
Medium prioritySQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. This issue impacting versions 3.6.14.1 through 3.41.2.1 and has been...
1 affected packages
xerial-sqlite-jdbc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xerial-sqlite-jdbc | Needs evaluation | Needs evaluation | Not in release | Not in release | Ignored |
CVE-2021-31239
Medium priorityAn issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function.
2 affected packages
sqlite, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sqlite | — | Not affected | Not affected | Not affected | Not affected |
| sqlite3 | — | Not affected | Not affected | Not affected | Not affected |
CVE-2020-24736
Medium priorityBuffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script.
2 affected packages
sqlite, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sqlite | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| sqlite3 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2022-43441
Medium priorityA code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attacker can provide malicious...
1 affected packages
node-sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| node-sqlite3 | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-46908
Low prioritySome fixes available 1 of 2
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.
2 affected packages
sqlite, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sqlite | — | Not affected | Not affected | Not affected | Not affected |
| sqlite3 | — | Fixed | Not affected | Not affected | Not affected |
CVE-2020-35527
Medium prioritySome fixes available 1 of 4
In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.
2 affected packages
sqlite, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sqlite | — | Not affected | Not affected | Not affected | Not affected |
| sqlite3 | — | Not affected | Fixed | Ignored | Ignored |
CVE-2020-35525
Medium prioritySome fixes available 4 of 5
In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.
2 affected packages
sqlite, sqlite3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sqlite | Not in release | Not affected | Not affected | Not affected | Not affected |
| sqlite3 | Not affected | Not affected | Fixed | Fixed | Fixed |