Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2019-20218
HistoryJan 02, 2020 - 12:00 a.m.

CVE-2019-20218

2020-01-0200:00:00
ubuntu.com
ubuntu.com
10

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.9 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.7%

JSON

selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack
unwinding even after a parsing error.

Notes

Author Note
mdeslaur tests hang when this is backported to earlier releases
octagalland trusty is not affected, since support for the WITH clause was introduced in version 3.8.3 https://www.sqlite.org/changes.html#version_3_8_3
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchsqlite3< 3.22.0-1ubuntu0.3UNKNOWN
ubuntu19.10noarchsqlite3< 3.29.0-2ubuntu0.2UNKNOWN
ubuntu16.04noarchsqlite3< 3.11.0-1ubuntu1.4UNKNOWN

Related

nvd 1
cve 1
cvelist 1
debiancve 1
sqlite 1
debian 2
nessus 27
redhatcve 1
alpinelinux 1
osv 2
veracode 1
prion 1
openvas 16
ibm 5
photon 6
redhat 12
almalinux 1
oraclelinux 1
gentoo 1
ubuntu 1
cloudfoundry 1
suse 2
tenable 1
ics 1
oracle 1
nvd
nvd
CVE-2019-20218
2020-01-02 14:16:36
cve
cve
CVE-2019-20218
2020-01-02 14:16:36
cvelist
cvelist
CVE-2019-20218
2020-01-02 02:51:58
debiancve
debiancve
CVE-2019-20218
2020-01-02 14:16:36
sqlite
sqlite
SQLite report about CVE-2019-20218
2019-01-01 00:00:00
debian
debian
[SECURITY] [DLA 2340-2] sqlite3 regression update
2020-12-10 14:29:38
[SECURITY] [DLA 2340-1] sqlite3 security update
2020-08-22 22:34:41
nessus
nessus
Debian DLA-2340-2 : sqlite3 regression update
2020-08-24 00:00:00
SUSE SLES11 Security Update : sqlite3 (SUSE-SU-2021:14771-1)
2021-07-30 00:00:00
EulerOS 2.0 SP2 : sqlite (EulerOS-SA-2020-1624)
2020-06-17 00:00:00
redhatcve
redhatcve
CVE-2019-20218
2020-01-15 14:09:08
alpinelinux
alpinelinux
CVE-2019-20218
2020-01-02 14:16:00
osv
osv
CVE-2019-20218
2020-01-02 14:16:36
sqlite3 - regression update
2020-12-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:34:24
prion
prion
Code injection
2020-01-02 14:16:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:14771-1)
2021-07-30 00:00:00
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-1624)
2020-06-16 00:00:00
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-2197)
2020-10-21 00:00:00
ibm
ibm
Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2019-19959, CVE-2019-20218)
2020-04-07 13:30:59
Security Bulletin: IBM Security Guardium is affected by an SQLite vulnerability
2020-10-09 19:49:03
Security Bulletin: A security vulnerability has been identified in SQLite shipped with PowerAI.
2020-03-01 17:55:34
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0200
2020-01-14 00:00:00
Important Photon OS Security Update - PHSA-2020-0200
2020-01-14 00:00:00
Critical Photon OS Security Update - PHSA-2020-0049
2020-01-18 00:00:00
redhat
redhat
(RHSA-2020:4442) Moderate: sqlite security update
2020-11-03 12:04:56
(RHSA-2021:0146) Moderate: Release of OpenShift Serverless 1.12.0
2021-01-14 13:24:22
(RHSA-2021:2021) Moderate: Release of OpenShift Serverless 1.10.2 security update
2021-05-19 02:03:59
almalinux
almalinux
Moderate: sqlite security update
2020-11-03 12:04:56
oraclelinux
oraclelinux
sqlite security update
2020-11-10 00:00:00
gentoo
gentoo
SQLite: Multiple vulnerabilities
2020-07-27 00:00:00
ubuntu
ubuntu
SQLite vulnerabilities
2020-03-10 00:00:00
cloudfoundry
cloudfoundry
USN-4298-1: SQLite vulnerabilities | Cloud Foundry
2020-03-31 00:00:00
suse
suse
Security update for sqlite3 (important)
2021-07-14 00:00:00
Security update for sqlite3 (important)
2021-07-20 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2020
2020-04-14 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.9 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.7%

JSON
Related for UB:CVE-2019-20218
nvd1cve1cvelist1debiancve1sqlite1debian2nessus27redhatcve1alpinelinux1osv2veracode1prion1openvas16ibm5photon6redhat12almalinux1oraclelinux1gentoo1ubuntu1cloudfoundry1suse2tenable1ics1oracle1