Description

In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.

Remediation

References

CVE-2019-9937

Related Vulnerabilities

WordPress Plugin NextGEN Gallery-WordPress Gallery 'nggallery-manage-gallery' HTML Injection (0.96)

WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll Unspecified Vulnerability (1.5.8.5)

WebLogic CVE-2018-3213 Vulnerability (CVE-2018-3213)

WordPress Plugin Subscribe2 Multiple Cross-Site Scripting Vulnerabilities (8.1)

WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.3)

Severity

High

Classification

CVE-2019-9937 CWE-476 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities