CVE-2020-13435: SQL Injection
First published: Sun May 24 2020(Updated: )
Last updated 24 July 2024
Credit: CVE-2020-13434 CVE-2020-13435 CVE-2020-9991 cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/sqlite | <3.32.1 | 3.32.1 |
| debian/sqlite3 | 3.34.1-3 3.34.1-3+deb11u1 3.40.1-2+deb12u1 3.46.1-1 | |
| Apple macOS | <11.0.1 | 11.0.1 |
| SQLite | <=3.32.0 | |
| Fedora | =32 | |
| tvOS | <14.0 | 14.0 |
| Apple iOS, iPadOS, and watchOS | <14.0 | 14.0 |
| Apple iOS, iPadOS, and watchOS | <14.0 | 14.0 |
| Apple iOS, iPadOS, and watchOS | <7.0 | 7.0 |
| Apple iCloud | <11.5 | 11.5 |
| Apple iTunes | <12.10.9 | 12.10.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/fulldisclosure/2020/Dec/32
- http://seclists.org/fulldisclosure/2020/Nov/19
- http://seclists.org/fulldisclosure/2020/Nov/20
- http://seclists.org/fulldisclosure/2020/Nov/22
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7KXQWHIY2MQP4LNM6ODWJENMXYYQYBN/
- https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc
- https://security.gentoo.org/glsa/202007-26
- https://security.netapp.com/advisory/ntap-20200528-0004/
- https://support.apple.com/kb/HT211843
- https://support.apple.com/kb/HT211844
- https://support.apple.com/kb/HT211850
- https://support.apple.com/kb/HT211931
- https://support.apple.com/kb/HT211935
- https://support.apple.com/kb/HT211952
- https://usn.ubuntu.com/4394-1/
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.sqlite.org/src/info/7a5279a25c57adf1
- https://support.apple.com/en-us/HT211952 (Advisory)
- https://support.apple.com/en-us/HT211935 (Advisory)
- https://launchpad.net/bugs/cve/CVE-2020-13435
- https://support.apple.com/en-us/HT211931 (Advisory)
- https://support.apple.com/en-us/HT211844 (Advisory)
- https://support.apple.com/en-us/HT211843 (Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7KXQWHIY2MQP4LNM6ODWJENMXYYQYBN/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1841233
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1841235
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1841232
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1841234
- https://www.sqlite.org/src/info/ad7bb70af9bb68d1
- https://access.redhat.com/errata/RHSA-2021:4396
- https://bugzilla.redhat.com/show_bug.cgi?id=1841231
- https://support.apple.com/en-us/HT211850 (Advisory)
- https://www.sqlite.org/src/info/572105de1d44bca4
- https://security-tracker.debian.org/tracker/CVE-2020-13435
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435
- https://nvd.nist.gov/vuln/detail/CVE-2020-13435
- https://ubuntu.com/security/CVE-2020-13435
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2020-27914
- CVE-2020-27915
- CVE-2020-27903
- CVE-2020-27910
- CVE-2020-27916
- CVE-2020-9943
- CVE-2020-9944
- CVE-2020-27906
- CVE-2020-27945
- CVE-2020-27908
- CVE-2020-27909
- CVE-2020-9960
- CVE-2020-10017
- CVE-2020-9949
- CVE-2020-9897
- CVE-2020-9883
- CVE-2020-10003
- CVE-2020-27922
- CVE-2020-9999
- CVE-2020-27937
- CVE-2020-9965
- CVE-2020-9966
- CVE-2020-27894
- CVE-2020-36615
- CVE-2021-1790
- CVE-2021-1775
- CVE-2020-29629
- CVE-2020-27942
- CVE-2020-9962
- CVE-2020-27952
- CVE-2020-9956
- CVE-2020-27931
- CVE-2020-27930
- CVE-2020-27927
- CVE-2020-29639
- CVE-2020-10002
- CVE-2020-9978
- CVE-2020-9955
- CVE-2020-27924
- CVE-2020-27912
- CVE-2020-27923
- CVE-2020-9876
- CVE-2020-10015
- CVE-2020-27897
- CVE-2020-27907
- CVE-2020-27919
- CVE-2020-9967
- CVE-2020-9975
- CVE-2020-27921
- CVE-2020-27904
- CVE-2019-14899
- CVE-2020-27950
- CVE-2020-9974
- CVE-2020-10016
- CVE-2020-27932
- CVE-2020-27917
- CVE-2020-27920
- CVE-2020-27911
- CVE-2020-9971
- CVE-2020-10014
- CVE-2020-10010
- CVE-2020-9941
- CVE-2020-9988
- CVE-2020-9989
- CVE-2020-10011
- CVE-2020-13524
- CVE-2020-10004
- CVE-2020-9996
- CVE-2020-27901
- CVE-2020-27900
- CVE-2019-20838
- CVE-2020-14155
- CVE-2020-10007
- CVE-2020-27896
- CVE-2020-9963
- CVE-2020-10012
- CVE-2020-10663
- CVE-2020-9945
- CVE-2020-9977
- CVE-2020-9942
- CVE-2020-9987
- CVE-2021-1803
- CVE-2020-9969
- CVE-2020-27893
- CVE-2021-1755
- CVE-2020-10005
- CVE-2020-9991
- CVE-2020-9849
- CVE-2020-15358
- CVE-2020-13631
- CVE-2020-13434
- CVE-2020-13435
- CVE-2020-13630
- CVE-2020-27899
- CVE-2020-10009
- CVE-2020-10008
- CVE-2020-27918
- CVE-2020-9947
- CVE-2020-9950
- CVE-2020-27898
- CVE-2020-27935
- CVE-2020-10006
- CVE-2020-9979
- CVE-2020-9954
- CVE-2020-36521
- CVE-2020-9961
- CVE-2020-9976
- CVE-2020-9981
- CVE-2020-9968
- CVE-2020-9951
- CVE-2020-9983
- CVE-2020-9952
- CVE-2020-10013
- CVE-2020-9958
- CVE-2020-9773
- CVE-2020-9992
- CVE-2020-9964
- CVE-2020-13520
- CVE-2020-6147
- CVE-2020-9972
- CVE-2020-9973
- CVE-2020-9946
- CVE-2020-9993
- CVE-2020-9959
Frequently Asked Questions
What is CVE-2020-13435?
CVE-2020-13435 is a vulnerability in SQLite that was addressed with improved checks.
Which software products are affected by CVE-2020-13435?
The following Apple software products are affected: tvOS (up to version 14.0), macOS Big Sur (up to version 11.0.1), iOS (up to version 14.0), iPadOS (up to version 14.0), watchOS (up to version 7.0), iTunes for Windows (up to version 12.10.9), and iCloud for Windows (up to version 11.5).
Where can I find more information about CVE-2020-13435?
You can find more information about CVE-2020-13435 on the Apple support website. Here are the reference links: [1](https://support.apple.com/en-us/HT211952), [2](https://support.apple.com/en-us/HT211850), [3](https://support.apple.com/en-us/HT211843).
What is the severity of CVE-2020-13435?
The severity of CVE-2020-13435 is not specified in the provided information.
How do I fix CVE-2020-13435?
To fix CVE-2020-13435, you should update the affected software to the latest available version.
- agent/type
- collector/launchpad-cve
- source/Launchpad
- agent/weakness
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-13435
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/remedy
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/last-modified-date
- agent/trending
- agent/source
- collector/apple-support
- alias/CVE-2020-9991
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- collector/nvd-index
- agent/author
- agent/tags
- agent/softwarecombine
- package-manager/redhat
- package-manager/debian
- vendor/apple
- canonical/apple macos
- vendor/sqlite
- canonical/sqlite
- version/sqlite/3.32.0
- vendor/fedoraproject
- canonical/fedora
- version/fedora/32
- canonical/tvos
- canonical/apple ios, ipados, and watchos
- canonical/apple icloud
- canonical/apple itunes