Vulnerabilities > CVE-2022-46908 - Unspecified vulnerability in Sqlite

047910
CVSS 7.3 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
LOW
local
low complexity
sqlite

Summary

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.