Smallc

Researcher from HaoTeam
#35417 of 53,608
7.5 Total CVSS
Vulnerabilities · 1
PT-2017-13968
7.5
2017-10-12
Sqlite · Sqlite · CVE-2017-15286
**Name of the Vulnerable Software and Affected Versions**

SQLite version 3.20.1

**Description**

The issue arises from a NULL pointer dereference in the `tableColumnList` function within `shell.c`. This occurs because the software fails to account for specific cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false, resulting in a data structure never being initialized.

**Recommendations**

For SQLite version 3.20.1, consider disabling the `tableColumnList` function in `shell.c` as a temporary workaround until a patch is available. Restrict access to the `sqlite3_step` function to minimize the risk of exploitation. Avoid using the `pStmt` variable in the affected code path until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.