CVE Vulnerabilities

CVE-2020-35525

NULL Pointer Dereference

Published: Sep 01, 2022 | Modified: Jul 06, 2023
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
7.5 LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM

In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Sqlite Sqlite 3.31.1 (including) 3.31.1 (including)
Sqlite Ubuntu bionic *
Sqlite Ubuntu kinetic *
Sqlite Ubuntu trusty *
Sqlite Ubuntu upstream *
Sqlite Ubuntu xenial *
Sqlite3 Ubuntu bionic *
Sqlite3 Ubuntu esm-infra/xenial *
Sqlite3 Ubuntu focal *
Sqlite3 Ubuntu trusty *
Sqlite3 Ubuntu trusty/esm *
Sqlite3 Ubuntu upstream *
Sqlite3 Ubuntu xenial *
Red Hat Enterprise Linux 8 RedHat sqlite-0:3.26.0-16.el8_6 *
Red Hat Enterprise Linux 8 RedHat sqlite-0:3.26.0-16.el8_6 *

Potential Mitigations

References