ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.

...

Querybook Data Falsification Issue Vulnerability

Querybook is an open source big data query UI for Pinterest. A data forgery issue vulnerability exists in Querybook versions prior to 3.32.0, which stems from the presence of cross-site websocket hijacking that allows an attacker to read/edit/delete a user's data document...