Denial of Service Vulnerability in SQLite3 by SQLite
CVE-2021-31239

7.5HIGH

Key Information:

Vendor

Sqlite

Status
Sqlite
Vendor
CVE Published:
9 May 2023

What is CVE-2021-31239?

A security issue in SQLite3 version 3.35.4 has been identified, allowing remote attackers to exploit the appendvfs.c function. This vulnerability can lead to a denial of service, potentially disrupting service availability and allowing for unauthorized access to critical resources. Users of affected versions should apply security updates promptly to mitigate potential risks associated with this exploit.

References

https://www.sqlite.org/cves.html
https://www.sqlite.org/forum/forumpost/d9fce1a89b
https://github.com/Tsiming/Vulnerabilities/blob/main/SQLi...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.