Description
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
Remediation
References
Related Vulnerabilities
WordPress Deserialization of Untrusted Data Vulnerability (CVE-2018-20148)
WordPress Plugin Amazon Product in a Post SQL Injection (3.5.2)
MyBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20225)
MySQL CVE-2018-3073 Vulnerability (CVE-2018-3073)
WordPress Plugin BuddyBoss Media Cross-Site Scripting (3.2.3)