A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.
2024-01-16T14:15:48.327
2024-11-21T08:46:06.907
Modified
CVSSv3.1: 4.7 (MEDIUM)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | sqlite | sqlite | < 3.43.2 | Yes |
Operating System | redhat | enterprise_linux | 8.0 | Yes |
Operating System | redhat | enterprise_linux | 9.0 | Yes |
Application | fedoraproject | extra_packages_for_enterprise_linux | 8.0 | Yes |
Operating System | fedoraproject | fedora | 39 | Yes |