First published: Wed May 27 2020(Updated: )
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
Credit: CVE-2020-13630 CVE-2020-13630 CVE-2020-13630 CVE-2020-13630 CVE-2020-13630 CVE-2020-13630 cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
<3.32.0 | ||
=32 | ||
=16.04 | ||
=18.04 | ||
=19.10 | ||
=20.04 | ||
=9.0 | ||
<1.0.1.1 | ||
<11.5 | ||
<12.10.9 | ||
<14.0 | ||
<14.0 | ||
<11.0.1 | ||
<14.0 | ||
<7.0 | ||
>=12.0.0<=12.0.3 | ||
=6.0.1 | ||
=8.5.4 | ||
=8.5.5 | ||
=8.8 | ||
Apple iCloud for Windows | <11.5 | 11.5 |
Apple iTunes for Windows | <12.10.9 | 12.10.9 |
Apple macOS Big Sur | <11.0.1 | 11.0.1 |
Apple watchOS | <7.0 | 7.0 |
Apple tvOS | <14.0 | 14.0 |
redhat/sqlite | <3.32.0 | 3.32.0 |
Apple iOS | <14.0 | 14.0 |
Apple iPadOS | <14.0 | 14.0 |
ubuntu/sqlite3 | <3.22.0-1ubuntu0.4 | 3.22.0-1ubuntu0.4 |
ubuntu/sqlite3 | <3.29.0-2ubuntu0.3 | 3.29.0-2ubuntu0.3 |
ubuntu/sqlite3 | <3.31.1-4ubuntu0.1 | 3.31.1-4ubuntu0.1 |
ubuntu/sqlite3 | <3.32.0-1 | 3.32.0-1 |
ubuntu/sqlite3 | <3.11.0-1ubuntu1.5 | 3.11.0-1ubuntu1.5 |
SQLite SQLite | <3.32.0 | |
Fedoraproject Fedora | =32 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =19.10 | |
Canonical Ubuntu Linux | =20.04 | |
Netapp Cloud Backup | ||
Netapp Solidfire\, Enterprise Sds \& Hci Storage Node | ||
Brocade Fabric Operating System | ||
All of | ||
Netapp Hci Compute Node Firmware | ||
Netapp Hci Compute Node | ||
Debian Debian Linux | =9.0 | |
Siemens Sinec Infrastructure Network Services | <1.0.1.1 | |
Apple Icloud Windows | <11.5 | |
Apple Itunes Windows | <12.10.9 | |
Apple iPadOS | <14.0 | |
Apple iPhone OS | <14.0 | |
Apple macOS | <11.0.1 | |
Apple tvOS | <14.0 | |
Apple watchOS | <7.0 | |
Oracle Communications Network Charging And Control | >=12.0.0<=12.0.3 | |
Oracle Communications Network Charging And Control | =6.0.1 | |
Oracle Outside In Technology | =8.5.4 | |
Oracle Outside In Technology | =8.5.5 | |
Oracle ZFS Storage Appliance Kit | =8.8 | |
debian/sqlite | 2.8.17-15 2.8.17-15+deb10u1 | |
debian/sqlite3 | 3.27.2-3+deb10u1 3.27.2-3+deb10u2 3.34.1-3 3.40.1-2 3.45.3-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
The vulnerability ID is CVE-2020-13630.
The affected software includes Apple tvOS 14.0, macOS Big Sur 11.0.1, iOS 14.0, iPadOS 14.0, watchOS 7.0, iTunes for Windows 12.10.9, and iCloud for Windows 11.5.
The severity of CVE-2020-13630 is not specified.
The remediation for CVE-2020-13630 is to update to the specified versions of the affected software.
You can find more information about CVE-2020-13630 on the Apple support website.