In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.
Max CVSS
9.8
EPSS Score
0.22%
Published
2022-09-01
Updated
2022-12-08
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
Max CVSS
9.8
EPSS Score
1.08%
Published
2020-04-09
Updated
2022-04-08
pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
Max CVSS
9.8
EPSS Score
1.35%
Published
2019-12-09
Updated
2022-04-15
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.
Max CVSS
9.8
EPSS Score
0.22%
Published
2019-12-05
Updated
2022-04-15
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.
Max CVSS
9.8
EPSS Score
0.53%
Published
2019-05-30
Updated
2021-07-31
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
Max CVSS
9.8
EPSS Score
0.95%
Published
2017-07-07
Updated
2019-10-03
Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as used in Apple iOS before 9, have unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
3.33%
Published
2015-09-18
Updated
2016-12-22
7 vulnerabilities found