SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo objects initialization is mishandled.
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sqlite | Sqlite | * | 3.31.1 (including) |
Sqlite | Ubuntu | bionic | * |
Sqlite | Ubuntu | eoan | * |
Sqlite | Ubuntu | groovy | * |
Sqlite | Ubuntu | hirsute | * |
Sqlite | Ubuntu | impish | * |
Sqlite | Ubuntu | kinetic | * |
Sqlite | Ubuntu | trusty | * |
Sqlite | Ubuntu | trusty/esm | * |
Sqlite | Ubuntu | xenial | * |
Sqlite3 | Ubuntu | eoan | * |
Sqlite3 | Ubuntu | focal | * |
Sqlite3 | Ubuntu | trusty | * |
Sqlite3 | Ubuntu | upstream | * |