← back
CVE-2020-15358

CVE-2020-15358

EPSS 1.0%
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdfhttp://seclists.org/fulldisclosure/2020/Dec/32http://seclists.org/fulldisclosure/2020/Nov/19http://seclists.org/fulldisclosure/2020/Nov/20http://seclists.org/fulldisclosure/2020/Nov/22http://seclists.org/fulldisclosure/2021/Feb/14https://security.gentoo.org/glsa/202007-26https://security.netapp.com/advisory/ntap-20200709-0001/https://support.apple.com/kb/HT211843https://support.apple.com/kb/HT211844https://support.apple.com/kb/HT211847https://support.apple.com/kb/HT211850