Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
almalinuxAlmaLinuxALSA-2022:7108
HistoryOct 25, 2022 - 12:00 a.m.

Moderate: sqlite security update

2022-10-2500:00:00
errata.almalinux.org
13

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

60.0%

JSON

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.

Security Fix(es):

  • sqlite: Out of bounds access during table rename (CVE-2020-35527)
  • sqlite: Null pointer derreference in src/select.c (CVE-2020-35525)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
almalinux8i686sqlite-libs< 3.26.0-16.el8_6sqlite-libs-3.26.0-16.el8_6.i686.rpm
almalinux8i686sqlite< 3.26.0-16.el8_6sqlite-3.26.0-16.el8_6.i686.rpm
almalinux8noarchsqlite-doc< 3.26.0-16.el8_6sqlite-doc-3.26.0-16.el8_6.noarch.rpm
almalinux8i686sqlite-devel< 3.26.0-16.el8_6sqlite-devel-3.26.0-16.el8_6.i686.rpm
almalinux8aarch64sqlite< 3.26.0-16.el8_6sqlite-3.26.0-16.el8_6.aarch64.rpm
almalinux8aarch64sqlite-devel< 3.26.0-16.el8_6sqlite-devel-3.26.0-16.el8_6.aarch64.rpm
almalinux8aarch64sqlite-libs< 3.26.0-16.el8_6sqlite-libs-3.26.0-16.el8_6.aarch64.rpm
almalinux8x86_64sqlite-libs< 3.26.0-16.el8_6sqlite-libs-3.26.0-16.el8_6.x86_64.rpm
almalinux8x86_64sqlite< 3.26.0-16.el8_6sqlite-3.26.0-16.el8_6.x86_64.rpm
almalinux8x86_64sqlite-devel< 3.26.0-16.el8_6sqlite-devel-3.26.0-16.el8_6.x86_64.rpm
Rows per page:
1-10 of 201

Related

oraclelinux 1
nessus 16
osv 7
redhat 17
rocky 1
ubuntu 2
debian 1
rosalinux 2
cloudfoundry 1
ibm 10
debiancve 2
ubuntucve 2
cnvd 2
veracode 2
prion 2
redhatcve 2
cve 2
cloudlinux 1
tenable 1
ics 1
oraclelinux
oraclelinux
sqlite security update
2022-10-26 00:00:00
nessus
nessus
Rocky Linux 8 : sqlite (RLSA-2022:7108)
2023-11-07 00:00:00
RHEL 8 : sqlite (RHSA-2022:7108)
2022-10-25 00:00:00
AlmaLinux 8 : sqlite (ALSA-2022:7108)
2022-10-28 00:00:00
osv
osv
Moderate: sqlite security update
2022-10-25 00:00:00
sqlite3 - security update
2022-09-13 00:00:00
Moderate: sqlite security update
2022-10-25 07:23:23
redhat
redhat
(RHSA-2022:7108) Moderate: sqlite security update
2022-10-25 07:23:23
(RHSA-2022:7407) Moderate: Service Binding Operator 1.3.1 security update
2022-11-03 13:07:58
(RHSA-2022:8634) Moderate: OpenShift API for Data Protection (OADP) 1.1.1 security and bug fix update
2022-11-28 02:40:48
rocky
rocky
sqlite security update
2022-10-25 07:23:23
ubuntu
ubuntu
SQLite vulnerabilities
2022-09-15 00:00:00
SQLite vulnerability
2022-09-28 00:00:00
debian
debian
[SECURITY] [DLA 3107-1] sqlite3 security update
2022-09-13 14:25:21
rosalinux
rosalinux
Advisory ROSA-SA-2023-2171
2023-06-20 10:39:04
Advisory ROSA-SA-2023-2149
2023-04-11 13:56:14
cloudfoundry
cloudfoundry
USN-5615-1: SQLite vulnerabilities | Cloud Foundry
2022-09-29 00:00:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-01-30 13:46:22
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in SQlite (CVE-2020-35525)
2023-03-31 16:40:37
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in SQlite [CVE-2020-35527]
2023-04-06 19:16:37
debiancve
debiancve
CVE-2020-35527
2022-09-01 18:15:00
CVE-2020-35525
2022-09-01 18:15:00
ubuntucve
ubuntucve
CVE-2020-35525
2022-09-01 00:00:00
CVE-2020-35527
2022-09-01 00:00:00
cnvd
cnvd
SQLite has an unspecified vulnerability (CNVD-2022-62228)
2022-09-05 00:00:00
SQlite has an unspecified vulnerability (CNVD-2022-62229)
2022-09-05 00:00:00
veracode
veracode
Out Of Bound Access
2022-09-16 17:53:04
NULL Pointer Dereference
2022-09-16 17:53:04
prion
prion
Design/Logic Flaw
2022-09-01 18:15:00
Null pointer dereference
2022-09-01 18:15:00
redhatcve
redhatcve
CVE-2020-35527
2022-08-29 19:42:54
CVE-2020-35525
2022-08-29 19:42:54
cve
cve
CVE-2020-35525
2022-09-01 18:15:00
CVE-2020-35527
2022-09-01 18:15:00
cloudlinux
cloudlinux
Fixed CVEs in sqlite: CVE-2020-35525, CVE-2020-13435
2022-10-10 18:56:17
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

60.0%

JSON
Related for ALSA-2022:7108
oraclelinux1nessus16osv7redhat17rocky1ubuntu2debian1rosalinux2cloudfoundry1ibm10debiancve2ubuntucve2cnvd2veracode2prion2redhatcve2cve2cloudlinux1tenable1ics1