SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN32AGQPMHZRNM6P6L5GZPETOWTGXOKP/ | |
https://security.gentoo.org/glsa/202007-26 | Mitigation Third Party Advisory |
https://security.netapp.com/advisory/ntap-20200619-0002/ | Third Party Advisory |
https://www.oracle.com/security-alerts/cpuApr2021.html | Third Party Advisory |
https://www.oracle.com/security-alerts/cpujan2021.html | Third Party Advisory |
https://www.sqlite.org/src/info/79eff1d0383179c4 | Patch Vendor Advisory |
https://www.sqlite.org/src/info/c8d3b9f0a750a529 | Exploit Vendor Advisory |
https://www.sqlite.org/src/info/cd708fa84d2aaaea | Exploit Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
07 Nov 2023, 03:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
13 May 2022, 20:57
Type | Values Removed | Values Added |
---|---|---|
First Time |
Fedoraproject fedora
Oracle communications Messaging Server Siemens Debian debian Linux Netapp Oracle hyperion Infrastructure Technology Oracle communications Network Charging And Control Fedoraproject Netapp cloud Backup Oracle mysql Workbench Siemens sinec Infrastructure Network Services Debian Oracle zfs Storage Appliance Kit Oracle enterprise Manager Ops Center Netapp ontap Select Deploy Administration Utility Oracle |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20200619-0002/ - Third Party Advisory | |
References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf - Patch, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BN32AGQPMHZRNM6P6L5GZPETOWTGXOKP/ - Mailing List, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpujan2021.html - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html - Mailing List, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuApr2021.html - Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202007-26 - Mitigation, Third Party Advisory | |
CPE | cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.2:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.1.2.4:*:*:*:*:*:*:* cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* |
10 Mar 2022, 17:41
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Jun 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Jan 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-06-06 16:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-13871
Mitre link : CVE-2020-13871
CVE.ORG link : CVE-2020-13871
JSON object : View
Products Affected
netapp
- cloud_backup
- ontap_select_deploy_administration_utility
debian
- debian_linux
oracle
- communications_network_charging_and_control
- enterprise_manager_ops_center
- hyperion_infrastructure_technology
- communications_messaging_server
- mysql_workbench
- zfs_storage_appliance_kit
siemens
- sinec_infrastructure_network_services
sqlite
- sqlite
fedoraproject
- fedora
CWE
CWE-416
Use After Free