Description

SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.

Remediation

References

CVE-2019-19924

Related Vulnerabilities

WordPress Plugin Site Import Remote File Inclusion (1.0.1)

WordPress Plugin Media Tags Cross-Site Scripting (3.2.0.2)

WordPress Plugin Video Gallery /w YouTube, Vimeo Multiple Vulnerabilities (8.80)

Python Integer Overflow or Wraparound Vulnerability (CVE-2007-4965)

WordPress Plugin Kino Gallery TimThumb Arbitrary File Upload (1.0)

Severity

Medium

Classification

CVE-2019-19924 CWE-755 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities