Updated: 2024-03-15 20:21:54.401135
Description:
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | 0 | |
CVSS Version 3.x | MEDIUM | 5.5 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
---|---|---|---|---|---|---|---|
AlmaLinux 9.2 ESU | sqlite | 3.34.1 | 5.5 | MEDIUM | Ignored | 2024-01-25 08:42:34 | |
CentOS 6 ELS | sqlite | 3.6.20 | 5.5 | MEDIUM | Ignored | 2024-01-25 08:42:56 | |
CentOS 7 ELS | sqlite | 3.7.17 | 5.5 | MEDIUM | Ignored | 2024-01-25 08:42:47 | |
CentOS 8.4 ELS | sqlite | 3.26.0 | 5.5 | MEDIUM | Ignored | 2024-01-25 08:42:56 | |
CentOS 8.5 ELS | sqlite | 3.26.0 | 5.5 | MEDIUM | Ignored | 2024-01-25 08:42:55 | |
CentOS Stream 8 ELS | sqlite | 3.26.0 | 5.5 | MEDIUM | Ignored | 2024-05-10 10:14:40 | |
CloudLinux 6 ELS | sqlite | 3.6.20 | 5.5 | MEDIUM | Ignored | 2024-01-25 08:42:44 | |
Oracle Linux 6 ELS | sqlite | 3.6.20 | 5.5 | MEDIUM | Ignored | 2024-01-25 08:42:44 | |
Ubuntu 16.04 ELS | sqlite3 | 3.11.0 | 5.5 | MEDIUM | Ignored | 2024-01-25 08:42:48 | |
Ubuntu 18.04 ELS | sqlite3 | 3.22.0-1 | 5.5 | MEDIUM | Ignored | 2024-01-25 08:42:44 |