CVE-2018-8740
published 2018-03-17CVE-2018-8740: In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and…
high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | sqlite3 | < sqlite3 3.22.0-2 (bookworm) | sqlite3 3.22.0-2 (bookworm) |
| ghost | sqlite3 | >= 0 < 3.22.0-2 | 3.22.0-2 |
| ghost | sqlite3 | >= 0 < 3.22.0-2 | 3.22.0-2 |
| ghost | sqlite3 | >= 0 < 3.22.0-2 | 3.22.0-2 |
| ghost | sqlite3 | >= 0 < 3.22.0-2 | 3.22.0-2 |
| ghost | sqlite3 | >= 0 < 3.11.0-1ubuntu1.5 | 3.11.0-1ubuntu1.5 |
| ghost | sqlite3 | >= 0 < 3.11.0-1ubuntu1.3 | 3.11.0-1ubuntu1.3 |
| ghost | sqlite3 | >= 0 < 3.22.0-1ubuntu0.4 | 3.22.0-1ubuntu0.4 |
| ghost | sqlite3 | >= 0 < 3.22.0-1ubuntu0.2 | 3.22.0-1ubuntu0.2 |
| ghost | sqlite3 | >= 0 < 3.31.1-4ubuntu0.1 | 3.31.1-4ubuntu0.1 |
| sqlite | sqlite | <= 3.22.0 | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH