Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2021-4396.NASLHistoryNov 11, 2021 - 12:00 a.m.
RHEL 8 : sqlite (RHSA-2021:4396)
2021-11-1100:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
64
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.8%
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4396 advisory.
-
sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces (CVE-2019-5827)
-
sqlite: dropping of shadow tables not restricted in defensive mode (CVE-2019-13750)
-
sqlite: fts3: improve detection of corrupted records (CVE-2019-13751)
-
sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS (CVE-2019-19603)
-
sqlite: NULL pointer dereference in sqlite3ExprCodeTarget() (CVE-2020-13435)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2021:4396. The text
# itself is copyright (C) Red Hat, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(155211);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/28");
script_cve_id(
"CVE-2019-5827",
"CVE-2019-13750",
"CVE-2019-13751",
"CVE-2019-19603",
"CVE-2020-13435"
);
script_xref(name:"RHSA", value:"2021:4396");
script_name(english:"RHEL 8 : sqlite (RHSA-2021:4396)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for sqlite.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2021:4396 advisory.
- sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces (CVE-2019-5827)
- sqlite: dropping of shadow tables not restricted in defensive mode (CVE-2019-13750)
- sqlite: fts3: improve detection of corrupted records (CVE-2019-13751)
- sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS (CVE-2019-19603)
- sqlite: NULL pointer dereference in sqlite3ExprCodeTarget() (CVE-2020-13435)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7240878e");
# https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4396.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?735755da");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#moderate");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2021:4396");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1706805");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1781997");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1781998");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1785318");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1841231");
script_set_attribute(attribute:"solution", value:
"Update the RHEL sqlite package based on the guidance in RHSA-2021:4396.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5827");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(20, 125, 476);
script_set_attribute(attribute:"vendor_severity", value:"Moderate");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/30");
script_set_attribute(attribute:"patch_publication_date", value:"2021/11/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/11/11");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:lemon");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sqlite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sqlite-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sqlite-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sqlite-libs");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel8/8.10/aarch64/appstream/debug',
'content/dist/rhel8/8.10/aarch64/appstream/os',
'content/dist/rhel8/8.10/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.10/aarch64/baseos/debug',
'content/dist/rhel8/8.10/aarch64/baseos/os',
'content/dist/rhel8/8.10/aarch64/baseos/source/SRPMS',
'content/dist/rhel8/8.10/ppc64le/appstream/debug',
'content/dist/rhel8/8.10/ppc64le/appstream/os',
'content/dist/rhel8/8.10/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.10/ppc64le/baseos/debug',
'content/dist/rhel8/8.10/ppc64le/baseos/os',
'content/dist/rhel8/8.10/ppc64le/baseos/source/SRPMS',
'content/dist/rhel8/8.10/s390x/appstream/debug',
'content/dist/rhel8/8.10/s390x/appstream/os',
'content/dist/rhel8/8.10/s390x/appstream/source/SRPMS',
'content/dist/rhel8/8.10/s390x/baseos/debug',
'content/dist/rhel8/8.10/s390x/baseos/os',
'content/dist/rhel8/8.10/s390x/baseos/source/SRPMS',
'content/dist/rhel8/8.10/x86_64/appstream/debug',
'content/dist/rhel8/8.10/x86_64/appstream/os',
'content/dist/rhel8/8.10/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.10/x86_64/baseos/debug',
'content/dist/rhel8/8.10/x86_64/baseos/os',
'content/dist/rhel8/8.10/x86_64/baseos/source/SRPMS',
'content/dist/rhel8/8.6/aarch64/appstream/debug',
'content/dist/rhel8/8.6/aarch64/appstream/os',
'content/dist/rhel8/8.6/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.6/aarch64/baseos/debug',
'content/dist/rhel8/8.6/aarch64/baseos/os',
'content/dist/rhel8/8.6/aarch64/baseos/source/SRPMS',
'content/dist/rhel8/8.6/ppc64le/appstream/debug',
'content/dist/rhel8/8.6/ppc64le/appstream/os',
'content/dist/rhel8/8.6/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.6/ppc64le/baseos/debug',
'content/dist/rhel8/8.6/ppc64le/baseos/os',
'content/dist/rhel8/8.6/ppc64le/baseos/source/SRPMS',
'content/dist/rhel8/8.6/s390x/appstream/debug',
'content/dist/rhel8/8.6/s390x/appstream/os',
'content/dist/rhel8/8.6/s390x/appstream/source/SRPMS',
'content/dist/rhel8/8.6/s390x/baseos/debug',
'content/dist/rhel8/8.6/s390x/baseos/os',
'content/dist/rhel8/8.6/s390x/baseos/source/SRPMS',
'content/dist/rhel8/8.6/x86_64/appstream/debug',
'content/dist/rhel8/8.6/x86_64/appstream/os',
'content/dist/rhel8/8.6/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.6/x86_64/baseos/debug',
'content/dist/rhel8/8.6/x86_64/baseos/os',
'content/dist/rhel8/8.6/x86_64/baseos/source/SRPMS',
'content/dist/rhel8/8.8/aarch64/appstream/debug',
'content/dist/rhel8/8.8/aarch64/appstream/os',
'content/dist/rhel8/8.8/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.8/aarch64/baseos/debug',
'content/dist/rhel8/8.8/aarch64/baseos/os',
'content/dist/rhel8/8.8/aarch64/baseos/source/SRPMS',
'content/dist/rhel8/8.8/ppc64le/appstream/debug',
'content/dist/rhel8/8.8/ppc64le/appstream/os',
'content/dist/rhel8/8.8/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.8/ppc64le/baseos/debug',
'content/dist/rhel8/8.8/ppc64le/baseos/os',
'content/dist/rhel8/8.8/ppc64le/baseos/source/SRPMS',
'content/dist/rhel8/8.8/s390x/appstream/debug',
'content/dist/rhel8/8.8/s390x/appstream/os',
'content/dist/rhel8/8.8/s390x/appstream/source/SRPMS',
'content/dist/rhel8/8.8/s390x/baseos/debug',
'content/dist/rhel8/8.8/s390x/baseos/os',
'content/dist/rhel8/8.8/s390x/baseos/source/SRPMS',
'content/dist/rhel8/8.8/x86_64/appstream/debug',
'content/dist/rhel8/8.8/x86_64/appstream/os',
'content/dist/rhel8/8.8/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.8/x86_64/baseos/debug',
'content/dist/rhel8/8.8/x86_64/baseos/os',
'content/dist/rhel8/8.8/x86_64/baseos/source/SRPMS',
'content/dist/rhel8/8.9/aarch64/appstream/debug',
'content/dist/rhel8/8.9/aarch64/appstream/os',
'content/dist/rhel8/8.9/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.9/aarch64/baseos/debug',
'content/dist/rhel8/8.9/aarch64/baseos/os',
'content/dist/rhel8/8.9/aarch64/baseos/source/SRPMS',
'content/dist/rhel8/8.9/ppc64le/appstream/debug',
'content/dist/rhel8/8.9/ppc64le/appstream/os',
'content/dist/rhel8/8.9/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.9/ppc64le/baseos/debug',
'content/dist/rhel8/8.9/ppc64le/baseos/os',
'content/dist/rhel8/8.9/ppc64le/baseos/source/SRPMS',
'content/dist/rhel8/8.9/s390x/appstream/debug',
'content/dist/rhel8/8.9/s390x/appstream/os',
'content/dist/rhel8/8.9/s390x/appstream/source/SRPMS',
'content/dist/rhel8/8.9/s390x/baseos/debug',
'content/dist/rhel8/8.9/s390x/baseos/os',
'content/dist/rhel8/8.9/s390x/baseos/source/SRPMS',
'content/dist/rhel8/8.9/x86_64/appstream/debug',
'content/dist/rhel8/8.9/x86_64/appstream/os',
'content/dist/rhel8/8.9/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.9/x86_64/baseos/debug',
'content/dist/rhel8/8.9/x86_64/baseos/os',
'content/dist/rhel8/8.9/x86_64/baseos/source/SRPMS',
'content/dist/rhel8/8/aarch64/appstream/debug',
'content/dist/rhel8/8/aarch64/appstream/os',
'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8/aarch64/baseos/debug',
'content/dist/rhel8/8/aarch64/baseos/os',
'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',
'content/dist/rhel8/8/ppc64le/appstream/debug',
'content/dist/rhel8/8/ppc64le/appstream/os',
'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8/ppc64le/baseos/debug',
'content/dist/rhel8/8/ppc64le/baseos/os',
'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',
'content/dist/rhel8/8/s390x/appstream/debug',
'content/dist/rhel8/8/s390x/appstream/os',
'content/dist/rhel8/8/s390x/appstream/source/SRPMS',
'content/dist/rhel8/8/s390x/baseos/debug',
'content/dist/rhel8/8/s390x/baseos/os',
'content/dist/rhel8/8/s390x/baseos/source/SRPMS',
'content/dist/rhel8/8/x86_64/appstream/debug',
'content/dist/rhel8/8/x86_64/appstream/os',
'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8/x86_64/baseos/debug',
'content/dist/rhel8/8/x86_64/baseos/os',
'content/dist/rhel8/8/x86_64/baseos/source/SRPMS'
],
'pkgs': [
{'reference':'lemon-3.26.0-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'sqlite-3.26.0-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'sqlite-devel-3.26.0-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'sqlite-doc-3.26.0-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'sqlite-libs-3.26.0-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-libs');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | 8 | cpe:/o:redhat:enterprise_linux:8 |
| redhat | enterprise_linux | lemon | p-cpe:/a:redhat:enterprise_linux:lemon |
| redhat | enterprise_linux | sqlite | p-cpe:/a:redhat:enterprise_linux:sqlite |
| redhat | enterprise_linux | sqlite-devel | p-cpe:/a:redhat:enterprise_linux:sqlite-devel |
| redhat | enterprise_linux | sqlite-doc | p-cpe:/a:redhat:enterprise_linux:sqlite-doc |
| redhat | enterprise_linux | sqlite-libs | p-cpe:/a:redhat:enterprise_linux:sqlite-libs |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13750
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13751
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19603
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435
www.nessus.org/u?7240878e
www.nessus.org/u?735755da
access.redhat.com/errata/RHSA-2021:4396
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1706805
bugzilla.redhat.com/show_bug.cgi?id=1781997
bugzilla.redhat.com/show_bug.cgi?id=1781998
bugzilla.redhat.com/show_bug.cgi?id=1785318
bugzilla.redhat.com/show_bug.cgi?id=1841231
Related
nessus
nessus
Rocky Linux 8 : sqlite (RLSA-2021:4396)
2023-11-06 00:00:00
Oracle Linux 8 : sqlite (ELSA-2021-4396)
2021-11-17 00:00:00
AlmaLinux 8 : sqlite (ALSA-2021:4396)
2022-02-09 00:00:00
osv
osv
Moderate: sqlite security update
2021-11-09 09:16:47
Moderate: sqlite security update
2021-11-09 09:16:47
CVE-2019-19603
2019-12-09 19:15:14
oraclelinux
oraclelinux
sqlite security update
2021-11-16 00:00:00
rocky
rocky
sqlite security update
2021-11-09 09:16:47
redhat
redhat
(RHSA-2021:4396) Moderate: sqlite security update
2021-11-09 09:16:47
(RHSA-2019:1243) Important: chromium-browser security update
2019-05-16 20:01:47
almalinux
almalinux
Moderate: sqlite security update
2021-11-09 09:16:47
prion
prion
Code injection
2019-12-09 19:15:00
Input validation
2019-12-10 22:15:00
Design/Logic Flaw
2019-12-10 22:15:00
cvelist
cvelist
ubuntucve
ubuntucve
veracode
veracode
Authorization Bypass
2020-09-21 06:23:27
Denial Of Service (DoS)
2021-11-14 00:40:47
Information Disclosure
2020-09-21 06:31:35
nvd
nvd
debiancve
debiancve
openvas
openvas
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-2398)
2020-11-04 00:00:00
Ubuntu: Security Advisory (USN-4298-2)
2022-08-26 00:00:00
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-1930)
2020-09-04 00:00:00
redhatcve
redhatcve
alpinelinux
alpinelinux
CVE-2020-13435
2020-05-24 22:15:10
CVE-2019-19603
2019-12-09 19:15:00
cve
cve
cbl_mariner
cbl_mariner
CVE-2020-13435 affecting package ceph for versions less than 18.2.1-1
2024-04-17 22:02:46
sqlite
sqlite
SQLite report about CVE-2020-13435
2020-01-01 00:00:00
ubuntu
ubuntu
SQLite vulnerabilities
2020-08-03 00:00:00
SQLite vulnerabilities
2020-06-10 00:00:00
SQLite vulnerabilities
2020-03-10 00:00:00
cloudlinux
cloudlinux
Fixed CVEs in sqlite: CVE-2020-35525, CVE-2020-13435
2022-10-10 18:56:17
kaspersky
kaspersky
KLA11475 Multiple vulnerabilities in Google Chrome
2019-04-30 00:00:00
KLA12007 Multiple vulnerabilities in Apple iTunes
2020-09-16 00:00:00
ibm
ibm
suse
suse
Security update for chromium (important)
2019-05-28 00:00:00
Security update for chromium (important)
2019-06-03 00:00:00
Security update for sqlite3 (important)
2021-07-20 00:00:00
mageia
mageia
Updated sqlite3 packages fix security vulnerabilities
2020-01-30 21:28:34
Updated sqlite3 packages fix security vulnerabilities
2021-07-01 02:58:41
threatpost
threatpost
Google Chrome Affected By Magellan 2.0 Flaws
2019-12-27 16:45:20
fedora
fedora
[SECURITY] Fedora 29 Update: sqlite-3.26.0-3.fc29
2019-06-04 02:22:26
[SECURITY] Fedora 30 Update: sqlite-3.26.0-5.fc30
2019-05-20 01:05:52
[SECURITY] Fedora 29 Update: sqlite-3.26.0-4.fc29
2019-08-08 01:53:28
cloudfoundry
cloudfoundry
USN-4394-1: SQLite vulnerabilities | Cloud Foundry
2020-06-24 00:00:00
USN-4298-1: SQLite vulnerabilities | Cloud Foundry
2020-03-31 00:00:00
USN-4205-1: SQLite vulnerabilities | Cloud Foundry
2019-12-18 00:00:00
gentoo
gentoo
SQLite: Multiple vulnerabilities
2020-03-15 00:00:00
SQLite: Multiple vulnerabilities
2020-07-27 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0198
2020-01-03 00:00:00
Critical Photon OS Security Update - PHSA-2019-0198
2019-01-03 00:00:00
Important Photon OS Security Update - PHSA-2020-0101
2020-06-04 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2019-04-30 00:00:00
freebsd
freebsd
several security issues in sqlite3
2020-05-25 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-20:22.sqlite
2020-08-05 00:00:00
apple
apple
About the security content of iTunes 12.10.9 for Windows - Apple Support
2020-11-13 09:13:16
About the security content of iTunes 12.10.9 for Windows
2020-09-16 00:00:00
debian
debian
[SECURITY] [DLA 2340-1] sqlite3 security update
2020-08-22 22:34:41
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.8%
Related for REDHAT-RHSA-2021-4396.NASL