Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.

Published

2022-08-03T06:15:07.690

Last Modified

2024-11-21T07:11:34.513

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-129

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sqlite	sqlite	< 3.39.2	Yes
Application	netapp	ontap_select_deploy_administration_utility	-	Yes
Application	splunk	universal_forwarder	< 8.2.12	Yes
Application	splunk	universal_forwarder	< 9.0.6	Yes
Application	splunk	universal_forwarder	9.1.0	Yes

References

https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/ Exploit, Third Party Advisory ([email protected])
https://kb.cert.org/vuls/id/720344 Broken Link, Third Party Advisory, US Government Resource ([email protected])
https://security.gentoo.org/glsa/202210-40 Third Party Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20220915-0009/ Third Party Advisory ([email protected])
https://sqlite.org/releaselog/3_39_2.html Release Notes, Vendor Advisory ([email protected])
https://www.sqlite.org/cves.html Vendor Advisory ([email protected])
https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/ Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://kb.cert.org/vuls/id/720344 Broken Link, Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202210-40 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20220915-0009/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://sqlite.org/releaselog/3_39_2.html Release Notes, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.sqlite.org/cves.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)