CVE-2020-13631: SQL Injection
First published: Wed May 27 2020(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org CVE-2020-13631
| Affected Software | Affected Version | How to fix |
|---|---|---|
| <3.32.0 | ||
| =32 | ||
| =16.04 | ||
| =18.04 | ||
| =19.10 | ||
| =20.04 | ||
| <1.0.1.1 | ||
| <11.5 | ||
| <12.10.9 | ||
| <14.0 | ||
| <14.0 | ||
| <11.0.1 | ||
| <14.0 | ||
| <7.0 | ||
| >=12.0.0<=12.0.3 | ||
| =6.0.1 | ||
| =8.5.4 | ||
| =8.5.5 | ||
| =8.8 | ||
| redhat/sqlite | <3.32.0 | 3.32.0 |
| debian/sqlite3 | 3.34.1-3 3.34.1-3+deb11u1 3.40.1-2+deb12u1 3.46.1-1 | |
| Apple macOS | <11.0.1 | 11.0.1 |
| F5 BIG-IP | >=17.1.0<=17.1.1 | |
| F5 BIG-IP | >=16.1.0<=16.1.5 | |
| F5 BIG-IP | >=15.1.0<=15.1.10 | |
| F5 BIG-IQ Centralized Management | >=8.2.0<=8.3.0 | |
| tvOS | <14.0 | 14.0 |
| Apple iOS, iPadOS, and watchOS | <14.0 | 14.0 |
| Apple iOS, iPadOS, and watchOS | <14.0 | 14.0 |
| Apple iOS, iPadOS, and watchOS | <7.0 | 7.0 |
| Apple iTunes | <12.10.9 | 12.10.9 |
| Apple iCloud | <11.5 | 11.5 |
| SQLite | <3.32.0 | |
| Fedoraproject Fedora | =32 | |
| Ubuntu | =16.04 | |
| Ubuntu | =18.04 | |
| Ubuntu | =19.10 | |
| Ubuntu | =20.04 | |
| netapp cloud backup | ||
| netapp solidfire\, enterprise sds \& hci storage node | ||
| Brocade Fabric OS | ||
| All of | ||
| netapp hci compute node firmware | ||
| netapp hci compute node | ||
| siemens sinec infrastructure network services | <1.0.1.1 | |
| Apple iCloud for Windows | <11.5 | |
| Apple iTunes for Windows | <12.10.9 | |
| Apple iOS, iPadOS, and watchOS | <14.0 | |
| iOS | <14.0 | |
| Apple iOS and macOS | <11.0.1 | |
| tvOS | <14.0 | |
| Apple iOS, iPadOS, and watchOS | <7.0 | |
| oracle communications network charging and control | >=12.0.0<=12.0.3 | |
| oracle communications network charging and control | =6.0.1 | |
| Oracle Outside In Technology | =8.5.4 | |
| Oracle Outside In Technology | =8.5.5 | |
| Oracle Sun ZFS Storage Appliance Kit | =8.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/fulldisclosure/2020/Dec/32
- http://seclists.org/fulldisclosure/2020/Nov/19
- http://seclists.org/fulldisclosure/2020/Nov/20
- http://seclists.org/fulldisclosure/2020/Nov/22
- https://bugs.chromium.org/p/chromium/issues/detail?id=1080459
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7KXQWHIY2MQP4LNM6ODWJENMXYYQYBN/
- https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc
- https://security.gentoo.org/glsa/202007-26
- https://security.netapp.com/advisory/ntap-20200608-0002/
- https://sqlite.org/src/info/eca0ba2cf4c0fdf7
- https://support.apple.com/kb/HT211843
- https://support.apple.com/kb/HT211844
- https://support.apple.com/kb/HT211850
- https://support.apple.com/kb/HT211931
- https://support.apple.com/kb/HT211935
- https://support.apple.com/kb/HT211952
- https://usn.ubuntu.com/4394-1/
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://support.apple.com/en-us/HT211935 (Advisory)
- https://support.apple.com/en-us/HT211952 (Advisory)
- https://launchpad.net/bugs/cve/CVE-2020-13631
- https://support.apple.com/en-us/HT211931 (Advisory)
- https://support.apple.com/en-us/HT211844 (Advisory)
- https://support.apple.com/en-us/HT211843 (Advisory)
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1841569
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1841571
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1841570
- https://www.sqlite.org/vtab.html#xshadowname
- https://access.redhat.com/errata/RHSA-2020:4442
- https://access.redhat.com/security/cve/cve-2020-13631
- https://access.redhat.com/errata/RHSA-2021:1968
- https://bugzilla.redhat.com/show_bug.cgi?id=1841568
- https://support.apple.com/en-us/HT211850 (Advisory)
- https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7KXQWHIY2MQP4LNM6ODWJENMXYYQYBN/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13631
- https://nvd.nist.gov/vuln/detail/CVE-2020-13631
- https://security-tracker.debian.org/tracker/CVE-2020-13631
- https://ubuntu.com/security/CVE-2020-13631
- https://my.f5.com/manage/s/article/K000148494
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2020-27914
- CVE-2020-27915
- CVE-2020-27903
- CVE-2020-27910
- CVE-2020-27916
- CVE-2020-9943
- CVE-2020-9944
- CVE-2020-27906
- CVE-2020-27945
- CVE-2020-27908
- CVE-2020-27909
- CVE-2020-9960
- CVE-2020-10017
- CVE-2020-9949
- CVE-2020-9897
- CVE-2020-9883
- CVE-2020-10003
- CVE-2020-27922
- CVE-2020-9999
- CVE-2020-27937
- CVE-2020-9965
- CVE-2020-9966
- CVE-2020-27894
- CVE-2020-36615
- CVE-2021-1790
- CVE-2021-1775
- CVE-2020-29629
- CVE-2020-27942
- CVE-2020-9962
- CVE-2020-27952
- CVE-2020-9956
- CVE-2020-27931
- CVE-2020-27930
- CVE-2020-27927
- CVE-2020-29639
- CVE-2020-10002
- CVE-2020-9978
- CVE-2020-9955
- CVE-2020-27924
- CVE-2020-27912
- CVE-2020-27923
- CVE-2020-9876
- CVE-2020-10015
- CVE-2020-27897
- CVE-2020-27907
- CVE-2020-27919
- CVE-2020-9967
- CVE-2020-9975
- CVE-2020-27921
- CVE-2020-27904
- CVE-2019-14899
- CVE-2020-27950
- CVE-2020-9974
- CVE-2020-10016
- CVE-2020-27932
- CVE-2020-27917
- CVE-2020-27920
- CVE-2020-27911
- CVE-2020-9971
- CVE-2020-10014
- CVE-2020-10010
- CVE-2020-9941
- CVE-2020-9988
- CVE-2020-9989
- CVE-2020-10011
- CVE-2020-13524
- CVE-2020-10004
- CVE-2020-9996
- CVE-2020-27901
- CVE-2020-27900
- CVE-2019-20838
- CVE-2020-14155
- CVE-2020-10007
- CVE-2020-27896
- CVE-2020-9963
- CVE-2020-10012
- CVE-2020-10663
- CVE-2020-9945
- CVE-2020-9977
- CVE-2020-9942
- CVE-2020-9987
- CVE-2021-1803
- CVE-2020-9969
- CVE-2020-27893
- CVE-2021-1755
- CVE-2020-10005
- CVE-2020-9991
- CVE-2020-9849
- CVE-2020-15358
- CVE-2020-13631
- CVE-2020-13434
- CVE-2020-13435
- CVE-2020-13630
- CVE-2020-27899
- CVE-2020-10009
- CVE-2020-10008
- CVE-2020-27918
- CVE-2020-9947
- CVE-2020-9950
- CVE-2020-27898
- CVE-2020-27935
- CVE-2020-10006
- CVE-2020-9979
- CVE-2020-9954
- CVE-2020-36521
- CVE-2020-9961
- CVE-2020-9976
- CVE-2020-9981
- CVE-2020-9968
- CVE-2020-9951
- CVE-2020-9983
- CVE-2020-9952
- CVE-2020-10013
- CVE-2020-9958
- CVE-2020-9773
- CVE-2020-9992
- CVE-2020-9964
- CVE-2020-13520
- CVE-2020-6147
- CVE-2020-9972
- CVE-2020-9973
- CVE-2020-9946
- CVE-2020-9993
- CVE-2020-9959
Frequently Asked Questions
What is CVE-2020-13631?
CVE-2020-13631 is a vulnerability in SQLite that was addressed by Apple with improved checks.
Which software versions are affected by CVE-2020-13631?
Apple tvOS up to version 14.0, Apple macOS Big Sur up to version 11.0.1, Apple iOS up to version 14.0, Apple iPadOS up to version 14.0, Apple watchOS up to version 7.0, Apple iTunes for Windows up to version 12.10.9, and Apple iCloud for Windows up to version 11.5 are affected by CVE-2020-13631.
What is the severity of CVE-2020-13631?
The severity of CVE-2020-13631 is not specified.
How was CVE-2020-13631 addressed?
CVE-2020-13631 was addressed by Apple with improved checks.
Where can I find more information about CVE-2020-13631?
You can find more information about CVE-2020-13631 on the Apple support website.
- collector/nvd-index
- agent/type
- collector/launchpad-cve
- source/Launchpad
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-13631
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/remedy
- agent/description
- agent/first-publish-date
- collector/security-tracker-debian
- source/Debian
- agent/severity
- agent/references
- agent/event
- agent/last-modified-date
- agent/trending
- collector/apple-support
- agent/software-canonical-lookup-request
- agent/source
- collector/f5-advisory
- source/F5
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- source/NVD
- vendor/sqlite
- vendor/fedoraproject
- vendor/canonical
- vendor/netapp
- vendor/brocade
- vendor/siemens
- vendor/apple
- vendor/oracle
- package-manager/redhat
- package-manager/debian
- canonical/apple macos
- vendor/f5
- canonical/f5 big-ip
- version/f5 big-ip/17.1.0
- version/f5 big-ip/17.1.1
- version/f5 big-ip/16.1.0
- version/f5 big-ip/16.1.5
- version/f5 big-ip/15.1.0
- version/f5 big-ip/15.1.10
- canonical/f5 big-iq centralized management
- version/f5 big-iq centralized management/8.2.0
- version/f5 big-iq centralized management/8.3.0
- canonical/tvos
- canonical/apple ios, ipados, and watchos
- canonical/apple itunes
- canonical/apple icloud
- canonical/sqlite
- canonical/fedoraproject fedora
- version/fedoraproject fedora/32
- canonical/ubuntu
- version/ubuntu/16.04
- version/ubuntu/18.04
- version/ubuntu/19.10
- version/ubuntu/20.04
- canonical/netapp cloud backup
- canonical/netapp solidfire\, enterprise sds \& hci storage node
- canonical/brocade fabric os
- canonical/netapp hci compute node firmware
- canonical/netapp hci compute node
- canonical/siemens sinec infrastructure network services
- canonical/apple icloud for windows
- canonical/apple itunes for windows
- canonical/ios
- canonical/apple ios and macos
- canonical/oracle communications network charging and control
- version/oracle communications network charging and control/12.0.0
- version/oracle communications network charging and control/12.0.3
- version/oracle communications network charging and control/6.0.1
- canonical/oracle outside in technology
- version/oracle outside in technology/8.5.4
- version/oracle outside in technology/8.5.5
- canonical/oracle sun zfs storage appliance kit
- version/oracle sun zfs storage appliance kit/8.8