multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880.
{ "binaries": [ { "binary_name": "lemon", "binary_version": "3.8.2-1ubuntu2.2+esm2" }, { "binary_name": "libsqlite3-0", "binary_version": "3.8.2-1ubuntu2.2+esm2" }, { "binary_name": "libsqlite3-dev", "binary_version": "3.8.2-1ubuntu2.2+esm2" }, { "binary_name": "libsqlite3-tcl", "binary_version": "3.8.2-1ubuntu2.2+esm2" }, { "binary_name": "sqlite3", "binary_version": "3.8.2-1ubuntu2.2+esm2" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "lemon", "binary_version": "3.11.0-1ubuntu1.4" }, { "binary_name": "libsqlite3-0", "binary_version": "3.11.0-1ubuntu1.4" }, { "binary_name": "libsqlite3-dev", "binary_version": "3.11.0-1ubuntu1.4" }, { "binary_name": "libsqlite3-tcl", "binary_version": "3.11.0-1ubuntu1.4" }, { "binary_name": "sqlite3", "binary_version": "3.11.0-1ubuntu1.4" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "lemon", "binary_version": "3.22.0-1ubuntu0.3" }, { "binary_name": "libsqlite3-0", "binary_version": "3.22.0-1ubuntu0.3" }, { "binary_name": "libsqlite3-dev", "binary_version": "3.22.0-1ubuntu0.3" }, { "binary_name": "libsqlite3-tcl", "binary_version": "3.22.0-1ubuntu0.3" }, { "binary_name": "sqlite3", "binary_version": "3.22.0-1ubuntu0.3" } ], "availability": "No subscription required" }