CVE-2020-13632 — NULL Pointer Dereference in Sqlite
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 93.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 27
Latest updateMay 24
Description
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages6 packages
Also affects: Debian Linux 9.0, Fedora 32, Ubuntu Linux 16.04, 18.04, 19.10, 20.04
Patches
🔴Vulnerability Details
3📋Vendor Advisories
5Red Hat▶
sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query↗2020-05-14
Microsoft▶
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.↗2020-05-12
Debian▶
CVE-2020-13632: sqlite3 - ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference v...↗2020
💬Community
4Bugzilla▶
CVE-2020-13632 sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query [fedora-all]↗2020-05-29
Bugzilla▶
CVE-2020-13632 sqlite2: sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query [fedora-all]↗2020-05-29
Bugzilla▶
CVE-2020-13632 mingw-sqlite: sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query [fedora-all]↗2020-05-29
Bugzilla▶
CVE-2020-13632 sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query↗2020-05-29