Lucene search

K

GoogleOSV:USN-5615-2

HistorySep 28, 2022 - 7:31 p.m.

sqlite3 vulnerability

2022-09-2819:31:34

Google

osv.dev

9

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.6%

USN-5615-1 fixed several vulnerabilities in SQLite. This update provides
the corresponding fix for CVE-2020-35525 for Ubuntu 16.04 ESM.

Original advisory details:

It was discovered that SQLite incorrectly handled INTERSEC query
processing. An attacker could use this issue to cause SQLite to crash,
resulting in a denial of service, or possibly execute arbitrary code.

References

ubuntu.com/security/CVE-2020-35525

ubuntu.com/security/notices/USN-5615-2

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.6%

Related for OSV:USN-5615-2

nessus18 ibm8 ubuntucve1 cvelist1 nvd1 osv5 openvas13 debiancve1 cve1 veracode1 ubuntu2 prion1 redhatcve1 cnvd1 oraclelinux1 rocky1 redhat17 cloudlinux1 almalinux1 cloudfoundry1 debian1 rosalinux2 tenable1 ics1