Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19880)

Description

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

Remediation

References

CVE-2019-19880

Related Vulnerabilities

Zope Web Application Server Other Vulnerability (CVE-2007-0240)

Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-39275)

WebLogic CVE-2017-10147 Vulnerability (CVE-2017-10147)

SharePoint Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-31950)

WordPress Plugin DukaPress SQL Injection (2.5.9)

Severity

High

Classification

CVE-2019-19880 CWE-476 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H