zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html | Mailing List Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html | Mailing List Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html | Mailing List Third Party Advisory |
https://access.redhat.com/errata/RHSA-2020:0514 | Third Party Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | Patch Third Party Advisory |
https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618 | Patch Third Party Advisory |
https://security.netapp.com/advisory/ntap-20200114-0003/ | Third Party Advisory |
https://usn.ubuntu.com/4298-1/ | Broken Link |
https://www.debian.org/security/2020/dsa-4638 | Third Party Advisory |
https://www.oracle.com/security-alerts/cpuapr2020.html | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
|
Configuration 8 (hide)
|
History
15 Apr 2022, 16:19
Type | Values Removed | Values Added |
---|---|---|
First Time |
Opensuse backports Sle
Debian debian Linux Siemens Redhat enterprise Linux Desktop Redhat enterprise Linux Server Oracle Oracle mysql Workbench Suse linux Enterprise Netapp Netapp cloud Backup Siemens sinec Infrastructure Network Services Suse Debian Suse package Hub Opensuse leap Redhat enterprise Linux Workstation Opensuse Redhat |
|
CPE | cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:* cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:* cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20200114-0003/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4298-1/ - Broken Link | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0514 - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html - Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf - Patch, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4638 - Third Party Advisory | |
References | (N/A) https://www.oracle.com/security-alerts/cpuapr2020.html - Patch, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html - Mailing List, Third Party Advisory |
10 Mar 2022, 17:41
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-12-24 17:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-19925
Mitre link : CVE-2019-19925
CVE.ORG link : CVE-2019-19925
JSON object : View
Products Affected
suse
- linux_enterprise
- package_hub
redhat
- enterprise_linux_workstation
- enterprise_linux_server
- enterprise_linux_desktop
opensuse
- leap
- backports_sle
netapp
- cloud_backup
siemens
- sinec_infrastructure_network_services
oracle
- mysql_workbench
sqlite
- sqlite
debian
- debian_linux
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type