WEB APPLICATION VULNERABILITIES Standard & Premium

Sqlite Use After Free Vulnerability (CVE-2024-0232)

Description

A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.

Remediation

References

Related Vulnerabilities

WordPress Plugin Product Input Fields for WooCommerce Arbitrary File Download (1.2.6)

PostgreSQL Other Vulnerability (CVE-2006-0678)

phpMyFAQ Other Vulnerability (CVE-2005-3734)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3549)

ATutor Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-1000004)

Severity

Medium

Classification

CVE-2024-0232 CWE-416 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities