Description

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.

Remediation

References

CVE-2019-19880

Related Vulnerabilities

phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-9859)

MySQL CVE-2013-5860 Vulnerability (CVE-2013-5860)

OpenSSL Out-of-bounds Read Vulnerability (CVE-2016-2180)

WordPress Plugin WP Project Manager-Task, team, and project management featuring kanban board and gantt charts Cross-Site Request Forgery (2.4.9)

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-44951)

Severity

High

Classification

CVE-2019-19880 CWE-476 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities