CRITICAL✓ PATCH🇬🇧 English

CVE-2020-11656

CVSS 9.8v3.1pub. 2020-04-09upd. 2024-11-21

In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Netapp Ontap Select Deploy Administration Utility

    APP
    Netapp
    wszystkie wersje
  • Oracle Communications Messaging Server

    OS
    Oracle
    8.1
  • Oracle Communications Network Charging And Control

    APP
    Oracle
    12.0.26.0.112.0.0 – 12.0.3
  • Oracle Enterprise Manager Ops Center

    APP
    Oracle
    12.4.0.0
  • Oracle Hyperion Infrastructure Technology

    APP
    Oracle
    11.1.2.4
  • Oracle MySQL

    APP
    Oracle
    8.0.0 – 8.0.22
  • Oracle MySQL Workbench

    APP
    Oracle
    ≤ 8.0.22
  • Oracle Outside In Technology

    APP
    Oracle
    8.5.48.5.5
  • Oracle Zfs Storage Appliance Kit

    APP
    Oracle
    8.8
  • Siemens Sinec Infrastructure Network Services

    APP
    Siemens
    < 1.0.1.1
  • Sqlite

    APP
    Sqlite
    ≤ 3.31.1
  • Tenable Tenable.sc

    APP
    Tenable
    ≤ 5.19.0
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Memory
CWE
Referencje

Powiązane podatności

CVE-2021-40438CRITICAL9.0⚠ KEVten sam produkt

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...

CVE-2020-15999CRITICAL9.6⚠ KEVten sam produkt

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentia...

CVE-2022-31631CRITICAL9.1PL ✓ten sam produkt

PHP PDO SQLite — błędne cytowanie ciągów prowadzące do SQL injection

CVE-2020-35527CRITICAL9.8ten sam produkt

In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FR...

CVE-2022-37434CRITICAL9.8ten sam produkt

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large g...