5 matches found
RHEL 9 : sqlite (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sqlite: use-after-free bug in jsonParseAddNodeArray CVE-2024-0232 - Rejected reason: DO NOT USE THIS...
CVE-2024-0232
SQLite has a heap use-after-free in jsonParseAddNodeArray() (sqlite3.c) CVE-2024-0232. Local attacker may crash the application via crafted input, enabling a denial of service. The IBM bulletin notes this vulnerability in IBM Netezza Appliance usage and lists remediation for that product: upgrade...
CVE-2024-0232 Sqlite: use-after-free bug in jsonparseaddnodearray
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service...
CVE-2024-0232
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service...
SQLite report about CVE-2024-0232
An attacker who can inject arbitrary SQL statements into an application might be able to provoke a use-after-free bug in SQLite's JSON parser that can in theory lead to an application crash and denial of service. See forum thread b25edc1d4662 for the bug report...