Advisory ROSA-SA-2021-1975

Software: sqlite 3.7.17
OS: Cobalt 7.9

CVE-ID: CVE-2015-3717
CVE-Crit: HIGH
CVE-DESC: Multiple buffer overflows in SQLite’s printf function, used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via undefined vectors.
CVE-STATUS: default
CVE-REV: Default

CVE-ID: CVE-2016-6153
CVE-Crit: MEDIUM
CVE-DESC: os_unix.c in SQLite before version 3.13.0 incorrectly implements the temporary directory lookup algorithm, which could allow local users to obtain sensitive information, cause a denial of service (application crash), or have an unspecified other impact by exploiting the use of the current working directory for temporary files.
CVE-STATUS: Default
CVE-REV: default

CVE-ID: CVE-2017-10989
CVE-Crit: CRITICAL
CVE-DESC: The getNodeSize function in ext / rtree / rtree.c in SQLite before version 3.19.3, used in GDAL and other products, incorrectly handles RTree BLOB objects that are too small in the created database, resulting in a heap-based buffer overflow or possibly unspecified other impact.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2018-20505
CVE-Crit: HIGH
CVE-DESC: SQLite 3.25.2, when queries are executed on a table with a garbled FIRST key, allows remote attackers to cause a denial of service (application failure) by using the ability to run arbitrary SQL statements (e.g., in some WebSQL use cases).
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2018-20346
CVE-Crit: HIGH
CVE-DESC: SQLite prior to version 3.25.3, when the FTS3 extension is enabled, detects integer overflows (and resulting buffer overflows) for FTS3 queries that occur after created changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code using the ability to run arbitrary SQL statements (e.g., in some WebSQL use cases), also known as Magellan.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2018-20506
CVE-Crit: HIGH
CVE-DESC: SQLite prior to version 3.25.3, when the FTS3 extension is enabled, detects an integer overflow (and resulting buffer overflow) for FTS3 queries in a “merge” operation that occurs after created changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code using the ability to run arbitrary SQL statements (e.g., in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2018-8740
CVE-Crit: HIGH
CVE-DESC: In SQLite before version 3.22.0, databases whose schema is corrupted using the CREATE TABLE AS statement could cause dereferencing of the NULL pointer associated with build.c and prepare.c.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2019-19645
CVE-Crit: MEDIUM
CVE-DESC: alter.c in SQLite before 3.30.1 allows attackers to trigger infinite recursion using certain types of self-referential views in conjunction with ALTER TABLE statements.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2019-19646
CVE-Crit: CRITICAL
CVE-DESC: In some cases of generated columns, the pragma.c file in SQLite before 3.30.1 incorrectly handles NOT NULL in the PRAGMA Integration_check command.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2019-8457
CVE-Crit: CRITICAL
CVE-DESC: SQLite3 from 3.6.0 to 3.27.2 inclusive is vulnerable to read outside the heap in the rtreenode () function when processing invalid rtree tables.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2020-11655
CVE-Crit: HIGH
CVE-DESC: SQLite before 3.31.1 allows attackers to cause a denial of service (segmentation error) using a garbled window function request due to improper initialization of the AggInfo object.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2020-11656.
CVE-Crit: CRIT.
CVE-DESC: In SQLite before 3.31.1, the ALTER TABLE implementation has a use-after-release feature, as demonstrated by the ORDER BY clause that belongs to the composite SELECT statement.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2020-13632.
CVE-Crit: MEDIUM
CVE-DESC: ext / fts3 / fts3_snippet.c in SQLite before 3.32.0 has NULL pointer dereferencing via the created matchinfo () query.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2020-13434
CVE-Crit: MEDIUM
CVE-DESC: SQLite before 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2020-13435
CVE-Crit: MEDIUM
CVE-DESC: SQLite before version 3.32.0 has a segmentation error in sqlite3ExprCodeTarget in expr.c.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2020-13630
CVE-Crit: HIGH
CVE-DESC: ext / fts3 / fts3.c in SQLite before 3.32.0 has a post-release usage function in fts3EvalNextRow associated with the fragment function.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2020-13631
CVE-Crit: MEDIUM
CVE-DESC: SQLite before 3.32.0 allows you to rename a virtual table by the name of one of its shadow tables associated with alter.c and build.c.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2020-15358
CVE-Crit: MEDIUM
CVE-DESC: In SQLite before 3.32.3, select.c incorrectly handles query alignment optimization, resulting in multiSelectOrderBy heap overflow due to improper use of transitive properties to propagate constants.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2021-20227
CVE-Crit: MEDIUM
CVE-DESC: A flaw was discovered in the SQLite SELECT query function (src / select.c). This flaw allows an attacker who can execute SQL queries locally in a SQLite database to cause a denial of service or possible code execution by initiating post-release usage. The biggest threat from this vulnerability is to system availability.
CVE-STATUS: default
CVE-REV: default