Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2021-20227

Published: 23/03/2021 Updated: 16/11/2022
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 188
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Sqlite

Vulnerability Summary

A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sqlite sqlite

oracle outside in technology 8.5.5

oracle communications network charging and control 6.0.1

oracle zfs storage appliance kit 8.8

oracle jd edwards enterpriseone tools

oracle mysql workbench

oracle communications network charging and control

oracle enterprise manager for oracle database 13.4.0.0

Vendor Advisories

Arch Linux Issues:
There is a flaw in sqlite's SELECT query functionality (src/selectc) before version 3341 An attacker who is capable of running SQL queries locally on the sqlite database could cause a denial of service or possibly code execution by triggering a use-after-free ...

ICS Advisories

https://ics-cert.us-cert.gov/advisories/fd87a3fc00e025fdc5034360097d2bdf
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-416https://bugzilla.redhat.com/show_bug.cgi?id=1924886https://www.sqlite.org/releaselog/3_34_1.htmlhttps://security.gentoo.org/glsa/202103-04https://security.netapp.com/advisory/ntap-20210423-0010/https://www.oracle.com/security-alerts/cpuApr2021.htmlhttps://www.oracle.com//security-alerts/cpujul2021.htmlhttps://www.oracle.com/security-alerts/cpuoct2021.htmlhttps://security.gentoo.org/glsa/202210-40https://nvd.nist.govhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10https://security.archlinux.org/CVE-2021-20227
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook