CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
29.4%
A flaw was found in SQLite’s SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.
Vendor | Product | Version | CPE |
---|---|---|---|
sqlite | sqlite | * | cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:* |
oracle | communications_network_charging_and_control | * | cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:* |
oracle | communications_network_charging_and_control | 6.0.1 | cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:* |
oracle | enterprise_manager_for_oracle_database | 13.4.0.0 | cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.4.0.0:*:*:*:*:*:*:* |
oracle | jd_edwards_enterpriseone_tools | * | cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* |
oracle | mysql_workbench | * | cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:* |
oracle | outside_in_technology | 8.5.5 | cpe:2.3:a:oracle:outside_in_technology:8.5.5:*:*:*:*:*:*:* |
oracle | zfs_storage_appliance_kit | 8.8 | cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:* |
bugzilla.redhat.com/show_bug.cgi?id=1924886
security.gentoo.org/glsa/202103-04
security.gentoo.org/glsa/202210-40
security.netapp.com/advisory/ntap-20210423-0010/
www.oracle.com//security-alerts/cpujul2021.html
www.oracle.com/security-alerts/cpuApr2021.html
www.oracle.com/security-alerts/cpuoct2021.html
www.sqlite.org/releaselog/3_34_1.html
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
29.4%