Description

SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.

Remediation

References

CVE-2019-19924

Related Vulnerabilities

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-7936)

Moodle Resource Management Errors Vulnerability (CVE-2015-2268)

MySQL CVE-2017-10279 Vulnerability (CVE-2017-10279)

WordPress Plugin All-in-One WP Migration Multiple Cross-Site Request Forgery Vulnerabilities (7.1)

Magento Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-9689)

Severity

Medium

Classification

CVE-2019-19924 CWE-755 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities