Description
An issue was found in fts5UnicodeTokenize() in ext/fts5/fts5_tokenize.c in Sqlite. A unicode61 tokenizer configured to treat unicode "control-characters" (class Cc), was treating embedded nul characters as tokens. The issue was fixed in sqlite-3.34.0 and later.
Remediation
References
Related Vulnerabilities
Grafana Other Vulnerability (CVE-2021-28147)
PHP Out-of-bounds Read Vulnerability (CVE-2019-11040)
Python Other Vulnerability (CVE-2006-1542)
WebLogic Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21347)
Caddy Web Server Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)