Vulnerabilities > CVE-2024-46488 - Out-of-bounds Write vulnerability in Asg017 Sqlite-Vec 0.1.1

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
asg017
CWE-787
NVD
Published: 2024-09-25
Updated: 2024-10-02

Summary

sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.

Vulnerable Configurations

Part Description Count
Application
Asg017
1

Common Weakness Enumeration (CWE)

References