CVE-2023-7104

Updated: 2024-02-29 02:46:44.66609

Description:

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.3

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU sqlite 3.34.1 7.3 HIGH Released CLSA-2024:1707419637 2024-02-08 16:10:02
CentOS 6 ELS sqlite 3.6.20 7.3 HIGH Not Vulnerable 2024-01-11 13:09:02
CentOS 7 ELS sqlite 3.7.17 7.3 HIGH Not Vulnerable 2024-01-11 13:09:01
CentOS 8.4 ELS sqlite 3.26.0 7.3 HIGH Released CLSA-2024:1707917992 2024-02-14 10:09:22
CentOS 8.5 ELS sqlite 3.26.0 7.3 HIGH Released CLSA-2024:1707918214 2024-02-14 10:09:21
CloudLinux 6 ELS sqlite 3.6.20 7.3 HIGH Not Vulnerable 2024-01-11 13:09:01
Oracle Linux 6 ELS sqlite 3.6.20 7.3 HIGH Not Vulnerable 2024-01-11 13:09:01
Ubuntu 16.04 ELS sqlite3 3.11.0 7.3 HIGH Not Vulnerable 2024-01-10 08:38:35
Ubuntu 18.04 ELS sqlite3 3.22.0-1 7.3 HIGH Released CLSA-2024:1706215424 2024-01-25 16:09:46