sqlite

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A C library that implements an SQL database engine
Version 3.33.0-2 [core]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1182 3.32.2-1 3.32.3-1 High Fixed
AVG-840 3.25.3-1 3.26.0-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2020-13871 AVG-1182 High No Arbitrary code execution
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
CVE-2018-20346 AVG-840 Critical Yes Arbitrary code execution
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after...

Advisories

Date Advisory Group Severity Description
28 Jun 2020 ASA-202006-11 AVG-1182 High arbitrary code execution