CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
48.3%
A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.
[
{
"vendor": "SQLite",
"product": "SQLite3",
"versions": [
{
"version": "3.0",
"status": "affected"
},
{
"version": "3.1",
"status": "affected"
},
{
"version": "3.2",
"status": "affected"
},
{
"version": "3.3",
"status": "affected"
},
{
"version": "3.4",
"status": "affected"
},
{
"version": "3.5",
"status": "affected"
},
{
"version": "3.6",
"status": "affected"
},
{
"version": "3.7",
"status": "affected"
},
{
"version": "3.8",
"status": "affected"
},
{
"version": "3.9",
"status": "affected"
},
{
"version": "3.10",
"status": "affected"
},
{
"version": "3.11",
"status": "affected"
},
{
"version": "3.12",
"status": "affected"
},
{
"version": "3.13",
"status": "affected"
},
{
"version": "3.14",
"status": "affected"
},
{
"version": "3.15",
"status": "affected"
},
{
"version": "3.16",
"status": "affected"
},
{
"version": "3.17",
"status": "affected"
},
{
"version": "3.18",
"status": "affected"
},
{
"version": "3.19",
"status": "affected"
},
{
"version": "3.20",
"status": "affected"
},
{
"version": "3.21",
"status": "affected"
},
{
"version": "3.22",
"status": "affected"
},
{
"version": "3.23",
"status": "affected"
},
{
"version": "3.24",
"status": "affected"
},
{
"version": "3.25",
"status": "affected"
},
{
"version": "3.26",
"status": "affected"
},
{
"version": "3.27",
"status": "affected"
},
{
"version": "3.28",
"status": "affected"
},
{
"version": "3.29",
"status": "affected"
},
{
"version": "3.30",
"status": "affected"
},
{
"version": "3.31",
"status": "affected"
},
{
"version": "3.32",
"status": "affected"
},
{
"version": "3.33",
"status": "affected"
},
{
"version": "3.34",
"status": "affected"
},
{
"version": "3.35",
"status": "affected"
},
{
"version": "3.36",
"status": "affected"
},
{
"version": "3.37",
"status": "affected"
},
{
"version": "3.38",
"status": "affected"
},
{
"version": "3.39",
"status": "affected"
},
{
"version": "3.40",
"status": "affected"
},
{
"version": "3.41",
"status": "affected"
},
{
"version": "3.42",
"status": "affected"
},
{
"version": "3.43",
"status": "affected"
}
],
"modules": [
"make alltest Handler"
]
}
]
lists.fedoraproject.org/archives/list/[email protected]/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K/
lists.fedoraproject.org/archives/list/[email protected]/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/
security.netapp.com/advisory/ntap-20240112-0008/
sqlite.org/forum/forumpost/5bcbf4571c
sqlite.org/src/info/0e4e7a05c4204b47
vuldb.com/?ctiid.248999
vuldb.com/?id.248999
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
48.3%