CVE-2018-20505

SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).

Database specific

{
    "unresolved_ranges": [
        {
            "source": "CPE_RANGE",
            "cpes": [
                "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*"
            ],
            "vendor_product": "apple:icloud",
            "extracted_events": [
                {
                    "fixed": "7.10"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "cpes": [
                "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"
            ],
            "vendor_product": "apple:iphone_os",
            "extracted_events": [
                {
                    "fixed": "12.1.3"
                }
            ]
        },
        {
            "source": "CPE_RANGE",
            "cpes": [
                "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "12.9.3"
                }
            ],
            "vendor_product": "apple:itunes"
        },
        {
            "source": "CPE_RANGE",
            "cpes": [
                "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "fixed": "10.14.2"
                }
            ],
            "vendor_product": "apple:mac_os_x"
        },
        {
            "source": "CPE_RANGE",
            "cpes": [
                "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"
            ],
            "vendor_product": "apple:watchos",
            "extracted_events": [
                {
                    "fixed": "5.1.3"
                }
            ]
        }
    ]
}

References

Affected packages

Git / github.com/sqlite/sqlite

Affected ranges

Type

GIT

Repo

https://github.com/sqlite/sqlite

Events

Introduced

Last affected

653b4f6078ecc34055f2ce47fbd80f74501ca4b8

Database specific

{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.25.2"
        }
    ]
}

Affected versions

version-1.*

version-1.0

version-1.0.1

version-1.0.10

version-1.0.12

version-1.0.13

version-1.0.14

version-1.0.15

version-1.0.16

version-1.0.17

version-1.0.18

version-1.0.19

version-1.0.20

version-1.0.21

version-1.0.22

version-1.0.23

version-1.0.24

version-1.0.25

version-1.0.26

version-1.0.27

version-1.0.28

version-1.0.29

version-1.0.3

version-1.0.30

version-1.0.31

version-1.0.32

version-1.0.4

version-1.0.5

version-1.0.8

version-1.0.9

version-2.*

version-2.0.0

version-2.0.1

version-2.0.2

version-2.0.3

version-2.0.4

version-2.0.5

version-2.0.6

version-2.0.7

version-2.0.8

version-2.1.0

version-2.1.1

version-2.1.2

version-2.1.3

version-2.1.4

version-2.1.5

version-2.1.6

version-2.1.7

version-2.2.0

version-2.2.1

version-2.2.2

version-2.2.3

version-2.2.4

version-2.2.5

version-2.3.0

version-2.3.1

version-2.3.2

version-2.3.3

version-2.4.0

version-2.4.1

version-2.4.10

version-2.4.11

version-2.4.12

version-2.4.2

version-2.4.3

version-2.4.4

version-2.4.5

version-2.4.6

version-2.4.7

version-2.4.8

version-2.4.9

version-2.5.0

version-2.5.1

version-2.5.2

version-2.5.3

version-2.5.4

version-2.5.5

version-2.5.6

version-2.6.0

version-2.6.1

version-2.6.2

version-2.6.3

version-2.7.0

version-2.7.1

version-2.7.2

version-2.7.3

version-2.7.4

version-2.7.5

version-2.7.6

version-2.8.0

version-2.8.1

version-2.8.10

version-2.8.11

version-2.8.12

version-2.8.13

version-2.8.2

version-2.8.3

version-2.8.4

version-2.8.5

version-2.8.6

version-2.8.7

version-2.8.8

version-2.8.9

version-3.*

version-3.0.0

version-3.0.1

version-3.0.2

version-3.0.3

version-3.0.4

version-3.0.5

version-3.0.6

version-3.0.7

version-3.0.8

version-3.1.0

version-3.1.1

version-3.1.2

version-3.1.3

version-3.1.3.1

version-3.1.4

version-3.1.5

version-3.1.6

version-3.10.0

version-3.11.0

version-3.12.0

version-3.13.0

version-3.14.0

version-3.15.0

version-3.16.0

version-3.2.0

version-3.2.1

version-3.2.2

version-3.2.3

version-3.2.4

version-3.2.5

version-3.2.6

version-3.2.7

version-3.22.0

version-3.23.0

version-3.23.1

version-3.24.0

version-3.25.0

version-3.25.1

version-3.25.2

version-3.3.0

version-3.3.1

version-3.3.10

version-3.3.11

version-3.3.12

version-3.3.13

version-3.3.14

version-3.3.15

version-3.3.16

version-3.3.17

version-3.3.2

version-3.3.3

version-3.3.4

version-3.3.5

version-3.3.6

version-3.3.7

version-3.3.8

version-3.3.9

version-3.4.0

version-3.4.1

version-3.4.2

version-3.5.0

version-3.5.1

version-3.5.2

version-3.5.3

version-3.5.4

version-3.5.5

version-3.5.6

version-3.5.7

version-3.5.8

version-3.5.9

version-3.6.0

version-3.6.1

version-3.6.10

version-3.6.11

version-3.6.12

version-3.6.13

version-3.6.14

version-3.6.15

version-3.6.16

version-3.6.17

version-3.6.18

version-3.6.19

version-3.6.2

version-3.6.20

version-3.6.21

version-3.6.22

version-3.6.23

version-3.6.3

version-3.6.4

version-3.6.5

version-3.6.6

version-3.6.7

version-3.6.8

version-3.6.9

version-3.7.0

version-3.7.1

version-3.7.10

version-3.7.11

version-3.7.12

version-3.7.12.1

version-3.7.13

version-3.7.14

version-3.7.15

version-3.7.16

version-3.7.16.1

version-3.7.17

version-3.7.2

version-3.7.3

version-3.7.4

version-3.7.5

version-3.7.6

version-3.7.6.1

version-3.7.7

version-3.7.8

version-3.7.9

version-3.8.0

version-3.8.1

version-3.8.10

version-3.8.10.1

version-3.8.11

version-3.8.11.1

version-3.8.2

version-3.8.3

version-3.8.4

version-3.8.4.1

version-3.8.5

version-3.8.6

version-3.8.7

version-3.8.8

version-3.8.9

version-3.9.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-20505.json"