Vulnerabilities > Sqlite > Sqlite > 3.31.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-29 | CVE-2023-7104 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. | 7.3 |
2022-09-01 | CVE-2020-35525 | NULL Pointer Dereference vulnerability in Sqlite 3.31.1 In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing. | 7.5 |
2022-09-01 | CVE-2020-35527 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause. | 9.8 |
2022-08-03 | CVE-2022-35737 | Improper Validation of Array Index vulnerability in multiple products SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. | 7.5 |
2020-06-27 | CVE-2020-15358 | Out-of-bounds Write vulnerability in multiple products In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. | 2.1 |
2020-04-09 | CVE-2020-11656 | Use After Free vulnerability in multiple products In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. | 7.5 |
2020-04-09 | CVE-2020-11655 | Improper Initialization vulnerability in multiple products SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. | 5.0 |
2020-02-21 | CVE-2020-9327 | NULL Pointer Dereference vulnerability in multiple products In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. | 5.0 |