Lucene search
GitHub Advisory DatabaseGHSA-6PHF-6H5G-97J2HistoryMay 23, 2023 - 8:07 p.m.
Sqlite-jdbc vulnerable to remote code execution when JDBC url is attacker controlled
2023-05-2320:07:58
CWE-94
GitHub Advisory Database
github.com
38
sqlite-jdbc
remote code execution
jdbc url
vulnerability
3.6.14.1-3.41.2.1
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.015
Percentile
87.0%
Summary
Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL.
Impacted versions :
3.6.14.1-3.41.2.1
References
Affected configurations
Node
org.xerialsqlite-jdbcRange3.6.14.1–3.41.2.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| org.xerial | sqlite-jdbc | * | cpe:2.3:a:org.xerial:sqlite-jdbc:*:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2023-32697
2023-05-23 00:00:00
sqlite
sqlite
SQLite report about CVE-2023-32697
2023-01-01 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2023-05-25 03:20:10
cve
cve
CVE-2023-32697
2023-05-23 23:15:09
prion
prion
Remote code execution
2023-05-23 23:15:00
cnvd
cnvd
SQLite Code Injection Vulnerability
2023-05-25 00:00:00
ibm
ibm
osv
osv
CVE-2023-32697
2023-05-23 23:15:09
nvd
nvd
CVE-2023-32697
2023-05-23 23:15:09
redhatcve
redhatcve
CVE-2023-32697
2023-05-24 06:10:17
debiancve
debiancve
CVE-2023-32697
2023-05-23 23:15:09
cvelist
cvelist
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.015
Percentile
87.0%
Related for GHSA-6PHF-6H5G-97J2