Description

SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.

Remediation

References

CVE-2019-19924

Related Vulnerabilities

OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3512)

WordPress Plugin Smush Image Compression and Optimization Multiple Vulnerabilities (2.9.1)

WordPress Plugin Breezing Forms SQL Injection (1.2.7.30)

WordPress Plugin Google Maps by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (1.2.1)

WordPress Plugin Authorize.net Payment Gateway For WooCommerce Security Bypass (2.0)

Severity

Medium

Classification

CVE-2019-19924 CWE-755 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities