Denial of Service Vulnerability in SQLite3 by SQLite
CVE-2021-31239

7.5HIGH

Key Information:

Vendor: Sqlite
Status: Sqlite
Vendor: CVE Published:; 9 May 2023

What is CVE-2021-31239?

A security issue in SQLite3 version 3.35.4 has been identified, allowing remote attackers to exploit the appendvfs.c function. This vulnerability can lead to a denial of service, potentially disrupting service availability and allowing for unauthorized access to critical resources. Users of affected versions should apply security updates promptly to mitigate potential risks associated with this exploit.

References

https://www.sqlite.org/cves.html

https://www.sqlite.org/forum/forumpost/d9fce1a89b

https://github.com/Tsiming/Vulnerabilities/blob/main/SQLi...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 9, 2023
Vulnerability Reserved
Apr 15, 2021

Sqlite

What is CVE-2021-31239?

References

CVSS V3.1

Timeline