Description zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. Remediation References CVE-2019-19925 Related Vulnerabilities Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5232) WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.14) WordPress Plugin AccessPress Social Icons Multiple SQL Injection Vulnerabilities (1.6.6) SharePoint URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-1323) Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7415) Severity High Classification CVE-2019-19925 CWE-434 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Tags Missing Update Known Vulnerabilities