Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-4394-1
HistoryJun 10, 2020 - 12:00 a.m.

SQLite vulnerabilities

2020-06-1000:00:00
ubuntu.com
63

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.023 Low

EPSS

Percentile

89.6%

JSON

Releases

  • Ubuntu 20.04 LTS
  • Ubuntu 19.10
  • Ubuntu 18.04 ESM
  • Ubuntu 16.04 ESM

Packages

  • sqlite3 - C library that implements an SQL database engine

Details

It was discovered that SQLite incorrectly handled certain corruped schemas.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 18.04 LTS. (CVE-2018-8740)

It was discovered that SQLite incorrectly handled certain SELECT
statements. An attacker could possibly use this issue to cause a denial of
service. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19603)

It was discovered that SQLite incorrectly handled certain self-referential
views. An attacker could possibly use this issue to cause a denial of
service. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19645)

Henry Liu discovered that SQLite incorrectly handled certain malformed
window-function queries. An attacker could possibly use this issue to cause
a denial of service. This issue only affected Ubuntu 19.10 and Ubuntu 20.04
LTS. (CVE-2020-11655)

It was discovered that SQLite incorrectly handled certain string
operations. An attacker could use this issue to cause SQLite to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2020-13434)

It was discovered that SQLite incorrectly handled certain expressions. An
attacker could use this issue to cause SQLite to crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-13435)

It was discovered that SQLite incorrectly handled certain fts3 queries. An
attacker could use this issue to cause SQLite to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2020-13630)

It was discovered that SQLite incorrectly handled certain virtual table
names. An attacker could possibly use this issue to cause a denial of
service. This issue was only addressed in Ubuntu 19.10 and Ubuntu 20.04
LTS. (CVE-2020-13631)

It was discovered that SQLite incorrectly handled certain fts3 queries. An
attacker could use this issue to cause SQLite to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2020-13632)

OSVersionArchitecturePackageVersionFilename
Ubuntu20.04noarchlibsqlite3-0< 3.31.1-4ubuntu0.1UNKNOWN
Ubuntu20.04noarchlemon< 3.31.1-4ubuntu0.1UNKNOWN
Ubuntu20.04noarchlemon-dbgsym< 3.31.1-4ubuntu0.1UNKNOWN
Ubuntu20.04noarchlibsqlite3-0-dbgsym< 3.31.1-4ubuntu0.1UNKNOWN
Ubuntu20.04noarchlibsqlite3-dev< 3.31.1-4ubuntu0.1UNKNOWN
Ubuntu20.04noarchlibsqlite3-tcl< 3.31.1-4ubuntu0.1UNKNOWN
Ubuntu20.04noarchlibsqlite3-tcl-dbgsym< 3.31.1-4ubuntu0.1UNKNOWN
Ubuntu20.04noarchsqlite3< 3.31.1-4ubuntu0.1UNKNOWN
Ubuntu20.04noarchsqlite3-dbgsym< 3.31.1-4ubuntu0.1UNKNOWN
Ubuntu20.04noarchsqlite3-doc< 3.31.1-4ubuntu0.1UNKNOWN
Rows per page:
1-10 of 421

Related

cloudfoundry 1
openvas 26
nessus 46
freebsd 3
freebsd_advisory 1
fedora 4
ibm 5
rocky 2
almalinux 3
redhat 3
photon 6
mageia 2
osv 17
gentoo 1
rosalinux 1
debian 3
suse 2
debiancve 8
ubuntucve 8
oraclelinux 2
kaspersky 1
prion 9
apple 2
alpinelinux 8
redhatcve 8
cve 8
cbl_mariner 7
sqlite 5
veracode 7
cloudfoundry
cloudfoundry
USN-4394-1: SQLite vulnerabilities | Cloud Foundry
2020-06-24 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4394-1)
2020-06-11 00:00:00
Fedora: Security Advisory for sqlite (FEDORA-2020-0477f8840e)
2020-06-07 00:00:00
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-1693)
2020-06-26 00:00:00
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : SQLite vulnerabilities (USN-4394-1)
2020-06-11 00:00:00
FreeBSD : several security issues in sqlite3 (c4ac9c79-ab37-11ea-8b5e-b42e99a1b9c3)
2020-06-17 00:00:00
Photon OS 1.0: Sqlite PHSA-2020-1.0-0298
2020-06-10 00:00:00
freebsd
freebsd
several security issues in sqlite3
2020-05-25 00:00:00
SQLite -- Corrupt DB can cause a NULL pointer dereference
2018-03-16 00:00:00
SQLite -- Corrupt DB can cause a NULL pointer dereference
2018-03-16 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-20:22.sqlite
2020-08-05 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: sqlite-3.32.1-1.fc32
2020-06-02 03:54:26
[SECURITY] Fedora 28 Update: sqlite-3.22.0-4.fc28
2018-04-01 00:46:25
[SECURITY] Fedora 26 Update: sqlite-3.20.1-2.fc26
2018-03-27 19:31:41
ibm
ibm
Security Bulletin: WML CE: WML CE: SQLite through 3.32.0 has various security issues.
2020-07-17 22:52:22
Security Bulletin: A vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender (CVE-2020-13434, CVE-2020-13435)
2021-03-16 06:52:21
Security Bulletin: WML CE: SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
2020-07-20 20:09:23
rocky
rocky
mingw packages security and bug fix update
2021-05-18 00:00:00
sqlite security update
2021-11-09 09:16:47
almalinux
almalinux
Moderate: mingw packages security and bug fix update
2021-05-18 06:30:39
Moderate: sqlite security update
2020-11-03 12:04:56
Moderate: sqlite security update
2021-11-09 09:16:47
redhat
redhat
(RHSA-2021:1968) Moderate: mingw packages security and bug fix update
2021-05-18 06:30:39
(RHSA-2020:4442) Moderate: sqlite security update
2020-11-03 12:04:56
(RHSA-2021:4396) Moderate: sqlite security update
2021-11-09 09:16:47
photon
photon
Important Photon OS Security Update - PHSA-2020-0101
2020-06-04 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0101
2020-06-03 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0249
2020-06-03 00:00:00
mageia
mageia
Updated sqlite3 packages fix security vulnerabilities
2021-07-01 02:58:41
Updated sqlite3 packages fix security vulnerability
2018-03-23 01:39:21
osv
osv
Moderate: mingw packages security and bug fix update
2021-05-18 06:30:39
sqlite3 - security update
2020-08-22 00:00:00
CVE-2019-19645
2019-12-09 16:15:10
gentoo
gentoo
SQLite: Multiple vulnerabilities
2020-07-27 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1975
2021-07-02 18:09:04
debian
debian
[SECURITY] [DLA 2340-1] sqlite3 security update
2020-08-22 22:34:41
[SECURITY] [DLA 2203-1] sqlite3 security update
2020-05-05 20:32:48
[SECURITY] [DLA 2221-1] sqlite3
2020-05-26 09:44:15
suse
suse
Security update for sqlite3 (important)
2021-07-14 00:00:00
Security update for sqlite3 (important)
2021-07-20 00:00:00
debiancve
debiancve
CVE-2019-19645
2019-12-09 16:15:00
CVE-2020-11655
2020-04-09 03:15:00
CVE-2020-13632
2020-05-27 15:15:00
ubuntucve
ubuntucve
CVE-2019-19645
2019-12-09 00:00:00
CVE-2019-19603
2019-12-09 00:00:00
CVE-2020-11655
2020-04-09 00:00:00
oraclelinux
oraclelinux
sqlite security update
2020-11-10 00:00:00
sqlite security update
2021-11-16 00:00:00
kaspersky
kaspersky
KLA12007 Multiple vulnerabilities in Apple iTunes
2020-09-16 00:00:00
prion
prion
Code injection
2019-12-09 19:15:00
Design/Logic Flaw
2019-12-09 16:15:00
Null pointer dereference
2020-05-27 15:15:00
apple
apple
About the security content of iTunes 12.10.9 for Windows - Apple Support
2020-11-13 09:13:16
About the security content of iTunes 12.10.9 for Windows
2020-09-16 00:00:00
alpinelinux
alpinelinux
CVE-2019-19645
2019-12-09 16:15:00
CVE-2020-11655
2020-04-09 03:15:00
CVE-2020-13434
2020-05-24 22:15:00
redhatcve
redhatcve
CVE-2019-19645
2019-12-13 15:08:39
CVE-2020-13632
2020-05-29 13:55:25
CVE-2020-11655
2020-04-15 14:03:34
cve
cve
CVE-2019-19645
2019-12-09 16:15:00
CVE-2020-11655
2020-04-09 03:15:00
CVE-2020-13434
2020-05-24 22:15:00
cbl_mariner
cbl_mariner
CVE-2019-19645 affecting package ceph 16.2.10-3
2024-04-17 22:02:46
CVE-2020-13630 affecting package ceph 16.2.10-3
2024-04-17 22:02:46
CVE-2020-11655 affecting package ceph 16.2.10-3
2024-04-17 22:02:46
sqlite
sqlite
SQLite report about CVE-2020-11655
2020-01-01 00:00:00
SQLite report about CVE-2020-13434
2020-01-01 00:00:00
SQLite report about CVE-2020-13630
2020-01-01 00:00:00
veracode
veracode
Integer Overflows
2020-08-06 21:28:39
Denial Of Service (DoS)
2020-08-06 21:28:00
Denial Of Service (DoS)
2020-11-05 03:10:13

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.023 Low

EPSS

Percentile

89.6%

JSON
Related for USN-4394-1
cloudfoundry1openvas26nessus46freebsd3freebsd_advisory1fedora4ibm5rocky2almalinux3redhat3photon6mageia2osv17gentoo1rosalinux1debian3suse2debiancve8ubuntucve8oraclelinux2kaspersky1prion9apple2alpinelinux8redhatcve8cve8cbl_mariner7sqlite5veracode7