BIT-sqlite-2020-15358

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/sqlite/BIT-sqlite-2020-15358.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-sqlite-2020-15358
Aliases
Published
2024-03-06T11:07:23.204Z
Modified
2024-09-19T16:27:04.196817Z
Summary
[none]
Details

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

References

Affected packages

Bitnami / sqlite

Package

Name
sqlite
Purl
pkg:bitnami/sqlite

Severity

  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.32.3