CVE-2019-19242 Information
Feb 14, 2021
cve
Description
SQLite 3.30.1 mishandles pExpr-y.pTab as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Reference
https://github.com/sqlite/sqlite/commit/57f7ece78410a8aae86aa4625fb7556897db384c https://usn.ubuntu.com/4205-1/ https://www.oracle.com/security-alerts/cpuapr2020.html
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
HIGH
Base Severity
5.9
Share on: