Description
An issue was found in fts5UnicodeTokenize() in ext/fts5/fts5_tokenize.c in Sqlite. A unicode61 tokenizer configured to treat unicode "control-characters" (class Cc), was treating embedded nul characters as tokens. The issue was fixed in sqlite-3.34.0 and later.
Remediation
References
Related Vulnerabilities
Joomla Other Vulnerability (CVE-2006-1027)
WordPress Plugin Concours Cross-Site Scripting (1.1)
OpenSSL Improper Input Validation Vulnerability (CVE-2017-3733)
WordPress Plugin Bloom eMail Opt-In Security Bypass (1.1)
WordPress Plugin Qwizcards-online quizzes and flashcards Cross-Site Scripting (3.61)