cbcvebase.
CVE-2019-19242
published 2019-11-27

CVE-2019-19242: SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.

medium5.9CVSS 3.1
AVNACHPRNUINSUCNINAH
SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.

Affected

16 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
debiansqlite3< sqlite3 3.30.1+fossil191229-1 (bookworm)sqlite3 3.30.1+fossil191229-1 (bookworm)
ghostsqlite3>= 0 < 3.30.1+fossil191229-13.30.1+fossil191229-1
ghostsqlite3>= 0 < 3.30.1+fossil191229-13.30.1+fossil191229-1
ghostsqlite3>= 0 < 3.30.1+fossil191229-13.30.1+fossil191229-1
ghostsqlite3>= 0 < 3.30.1+fossil191229-13.30.1+fossil191229-1
ghostsqlite3>= 0 < 3.11.0-1ubuntu1.33.11.0-1ubuntu1.3
ghostsqlite3>= 0 < 3.22.0-1ubuntu0.23.22.0-1ubuntu0.2
oraclemysql_workbench<= 8.0.19
redhatenterprise_linux
siemenssinec_infrastructure_network_services< 1.0.1.11.0.1.1
sqlitesqlite

CVSS provenance

nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH