First published: Mon Dec 09 2019(Updated: )
An error during handling of CREATE TABLE and CREATE VIEW statements in SQLite has an unknown impact via a specially crafted table name.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SQLite SQLite | =3.30.1 | |
Oracle Mysql Workbench | <=8.0.19 | |
Siemens Sinec Infrastructure Network Services | <1.0.1.1 | |
Siemens Sinec Infrastructure Network Services | =1.0.1.1 | |
Apache Guacamole | =1.3.0 | |
Netapp Cloud Backup | ||
NetApp ONTAP Select Deploy administration utility | ||
IBM Data Risk Manager | <=2.0.6 | |
debian/sqlite3 | 3.34.1-3 3.34.1-3+deb11u1 3.40.1-2 3.46.1-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-19603 is a vulnerability in SQLite 3.30.1 that mishandles certain SELECT statements with a nonexistent VIEW.
The severity of CVE-2019-19603 is high, with a CVSSv3 score of 7.5.
IBM Data Risk Manager 2.0.6 is affected by CVE-2019-19603. A patch is available.
CVE-2019-19603 can be fixed on Ubuntu by updating to version 3.29.0-2ubuntu0.3 or later of the sqlite3 package.
Yes, a fix is available for CVE-2019-19603 on Debian by updating to the latest version of the sqlite3 package.