Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:ALSA-2021:4396
HistoryNov 09, 2021 - 9:16 a.m.

Moderate: sqlite security update

2021-11-0909:16:47
Google
osv.dev
22
sqlite
security update
out-of-bounds access
memory allocator
defensive mode
shadow tables
corrupted records
denial of service
null pointer
release notes
cvss score

AI Score

8.8

Confidence

High

EPSS

0.01

Percentile

83.8%

JSON

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.

Security Fix(es):

  • sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces (CVE-2019-5827)

  • sqlite: dropping of shadow tables not restricted in defensive mode (CVE-2019-13750)

  • sqlite: fts3: improve detection of corrupted records (CVE-2019-13751)

  • sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS (CVE-2019-19603)

  • sqlite: NULL pointer dereference in sqlite3ExprCodeTarget() (CVE-2020-13435)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

Related

nessus 45
osv 6
oraclelinux 1
rocky 1
redhat 21
almalinux 1
cvelist 5
prion 5
ubuntucve 5
nvd 5
veracode 5
debiancve 5
alpinelinux 2
cve 5
redhatcve 5
openvas 31
cbl_mariner 1
sqlite 1
ubuntu 4
ibm 6
kaspersky 2
cloudlinux 1
suse 4
cloudfoundry 3
fedora 7
mageia 2
threatpost 1
gentoo 2
photon 11
chrome 1
freebsd 1
freebsd_advisory 1
apple 2
debian 1
nessus
nessus
AlmaLinux 8 : sqlite (ALSA-2021:4396)
2022-02-09 00:00:00
Oracle Linux 8 : sqlite (ELSA-2021-4396)
2021-11-17 00:00:00
NewStart CGSL MAIN 6.02 : sqlite Multiple Vulnerabilities (NS-SA-2024-0063)
2024-09-10 00:00:00
osv
osv
Moderate: sqlite security update
2021-11-09 09:16:47
CVE-2019-19603
2019-12-09 19:15:14
CVE-2020-13435
2020-05-24 22:15:10
oraclelinux
oraclelinux
sqlite security update
2021-11-16 00:00:00
rocky
rocky
sqlite security update
2021-11-09 09:16:47
redhat
redhat
(RHSA-2021:4396) Moderate: sqlite security update
2021-11-09 09:16:47
(RHSA-2019:1243) Important: chromium-browser security update
2019-05-16 20:01:47
(RHSA-2021:4032) Low: Openshift Logging 5.2.3 bug fix and security update
2021-11-17 03:27:52
almalinux
almalinux
Moderate: sqlite security update
2021-11-09 09:16:47
cvelist
cvelist
CVE-2019-19603
2019-12-09 18:44:06
CVE-2019-13750
2019-12-10 21:01:52
CVE-2019-13751
2019-12-10 21:01:52
prion
prion
Code injection
2019-12-09 19:15:00
Input validation
2019-12-10 22:15:00
Design/Logic Flaw
2019-12-10 22:15:00
ubuntucve
ubuntucve
CVE-2019-19603
2019-12-09 00:00:00
CVE-2019-13751
2019-12-10 00:00:00
CVE-2020-13435
2020-05-24 00:00:00
nvd
nvd
CVE-2019-19603
2019-12-09 19:15:14
CVE-2019-13750
2019-12-10 22:15:14
CVE-2019-13751
2019-12-10 22:15:14
veracode
veracode
Authorization Bypass
2020-09-21 06:23:27
Denial Of Service (DoS)
2021-11-14 00:40:47
Information Disclosure
2020-09-21 06:31:35
debiancve
debiancve
CVE-2019-13751
2019-12-10 22:15:14
CVE-2019-19603
2019-12-09 19:15:14
CVE-2019-13750
2019-12-10 22:15:14
alpinelinux
alpinelinux
CVE-2019-19603
2019-12-09 19:15:00
CVE-2020-13435
2020-05-24 22:15:10
cve
cve
CVE-2019-19603
2019-12-09 19:15:14
CVE-2019-5827
2019-06-27 17:15:14
CVE-2019-13750
2019-12-10 22:15:14
redhatcve
redhatcve
CVE-2019-13751
2019-12-11 01:21:51
CVE-2019-19603
2019-12-19 17:06:29
CVE-2019-5827
2019-05-06 12:51:03
openvas
openvas
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-2398)
2020-11-04 00:00:00
Ubuntu: Security Advisory (USN-4298-2)
2022-08-26 00:00:00
openSUSE: Security Advisory for chromium (openSUSE-SU-2019:1456-1)
2019-05-28 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-13435 affecting package ceph for versions less than 18.2.1-1
2024-04-17 22:02:46
sqlite
sqlite
SQLite report about CVE-2020-13435
2020-01-01 00:00:00
ubuntu
ubuntu
SQLite vulnerabilities
2020-08-03 00:00:00
SQLite vulnerabilities
2020-06-10 00:00:00
SQLite vulnerabilities
2020-03-10 00:00:00
ibm
ibm
Security Bulletin: A vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender (CVE-2020-13434, CVE-2020-13435)
2021-03-16 06:52:21
Security Bulletin: WML CE: SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
2020-07-20 20:09:23
Security Bulletin: A security vulnerability has been identified in the sqlite package shipped with IBM Watson Machine Learning Community Edition (WMLCE)
2020-05-20 00:26:41
kaspersky
kaspersky
KLA11475 Multiple vulnerabilities in Google Chrome
2019-04-30 00:00:00
KLA12007 Multiple vulnerabilities in Apple iTunes
2020-09-16 00:00:00
cloudlinux
cloudlinux
Fixed CVEs in sqlite: CVE-2020-35525, CVE-2020-13435
2022-10-10 18:56:17
suse
suse
Security update for chromium (important)
2019-05-28 00:00:00
Security update for chromium (important)
2019-06-03 00:00:00
Security update for sqlite3 (important)
2021-07-20 00:00:00
cloudfoundry
cloudfoundry
USN-4394-1: SQLite vulnerabilities | Cloud Foundry
2020-06-24 00:00:00
USN-4298-1: SQLite vulnerabilities | Cloud Foundry
2020-03-31 00:00:00
USN-4205-1: SQLite vulnerabilities | Cloud Foundry
2019-12-18 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: sqlite-3.26.0-3.fc29
2019-06-04 02:22:26
[SECURITY] Fedora 30 Update: sqlite-3.26.0-5.fc30
2019-05-20 01:05:52
[SECURITY] Fedora 29 Update: sqlite-3.26.0-4.fc29
2019-08-08 01:53:28
mageia
mageia
Updated sqlite3 packages fix security vulnerabilities
2020-01-30 21:28:34
Updated sqlite3 packages fix security vulnerabilities
2021-07-01 02:58:41
threatpost
threatpost
Google Chrome Affected By Magellan 2.0 Flaws
2019-12-27 16:45:20
gentoo
gentoo
SQLite: Multiple vulnerabilities
2020-03-15 00:00:00
SQLite: Multiple vulnerabilities
2020-07-27 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0198
2020-01-03 00:00:00
Critical Photon OS Security Update - PHSA-2019-0198
2019-01-03 00:00:00
Important Photon OS Security Update - PHSA-2020-0101
2020-06-04 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2019-04-30 00:00:00
freebsd
freebsd
several security issues in sqlite3
2020-05-25 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-20:22.sqlite
2020-08-05 00:00:00
apple
apple
About the security content of iTunes 12.10.9 for Windows - Apple Support
2020-11-13 09:13:16
About the security content of iTunes 12.10.9 for Windows
2020-09-16 00:00:00
debian
debian
[SECURITY] [DLA 2340-1] sqlite3 security update
2020-08-22 22:34:41

AI Score

8.8

Confidence

High

EPSS

0.01

Percentile

83.8%

JSON
Related for OSV:ALSA-2021:4396
nessus45osv6oraclelinux1rocky1redhat21almalinux1cvelist5prion5ubuntucve5nvd5veracode5debiancve5alpinelinux2cve5redhatcve5openvas31cbl_mariner1sqlite1ubuntu4ibm6kaspersky2cloudlinux1suse4cloudfoundry3fedora7mageia2threatpost1gentoo2photon11chrome1freebsd1freebsd_advisory1apple2debian1