CVE-2022-46908

Published: Dec 12, 2022

Modified: May 5, 2025

PUBLISHED

Description

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://news.ycombinator.com/item?id=33948588

https://sqlite.org/forum/forumpost/07beac8056151b2f

https://sqlite.org/src/info/cefc032473ac5ad2

https://security.netapp.com/advisory/ntap-20230203-0005/

GLSA-202311-03

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-46908

Description

Affected Products

References