QwikSec

Security Database

CVE

CWE

Training

CVE-2021-20227

Published: Mar 23, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.

Vendor	Product	Versions
n/a	sqlite	affected `sqlite 3.34.1`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=1924886

https://www.sqlite.org/releaselog/3_34_1.html

vendor-advisory

https://www.oracle.com/security-alerts/cpuApr2021.html

https://security.netapp.com/advisory/ntap-20210423-0010/

https://www.oracle.com//security-alerts/cpujul2021.html

https://www.oracle.com/security-alerts/cpuoct2021.html

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.