PT-2019-5316 · Sqlite+2 · Sqlite+2

Published

2019-12-09

Updated

2022-04-15

CVE-2019-19646

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions SQLite versions prior to 3.30.1

Description The issue is related to the handling of NOT NULL in an integrity check PRAGMA command in certain cases of generated columns. It is also described as a problem with insufficient checking of unusual or exceptional states in the integrity check PRAGMA command. This could potentially allow a remote attacker to gain full control over the application.

Recommendations For SQLite versions prior to 3.30.1, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-754

Related Identifiers

ALT-PU-2020-1088

ALT-PU-2020-2094

ALT-PU-2020-2183

ALT-PU-2020-2898

AZL-38566

BDU:2020-02371

CVE-2019-19646

OPENSUSE-SU-2021:1058-1

OPENSUSE-SU-2021:2320-1

OPENSUSE-SU-2021_1058-1

OPENSUSE-SU-2021_2320-1

SUSE-SU-2021:2320-1

SUSE-SU-2021:3215-1

Affected Products

Alt Linux

Sqlite

Suse

PT-2019-5316 · Sqlite+2 · Sqlite+2

CVE-2019-19646

Weakness Enumeration

Related Identifiers

Affected Products

References · 68