First published: Tue Aug 24 2021(Updated: )
** DISPUTED ** A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.
Credit: cve@mitre.org CVE-2021-36690 CVE-2021-36690 CVE-2021-36690 CVE-2021-36690 cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
IBM DRM | <=2.0.6 | |
SQLite SQLite | =3.36.0 | |
Oracle ZFS Storage Appliance Kit | =8.8 | |
Apple iPhone OS | <16.0 | |
Apple macOS | <13.0 | |
Apple tvOS | <16.0 | |
Apple watchOS | <9.0 | |
Apple tvOS | <16 | 16 |
Apple macOS Ventura | <13 | 13 |
Apple iOS | <16 | 16 |
Apple watchOS | <9 | 9 |
=3.36.0 | ||
=8.8 | ||
<16.0 | ||
<13.0 | ||
<16.0 | ||
<9.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
The vulnerability ID for this issue is CVE-2021-36690.
The affected software includes Apple iOS (up to version 16), Apple tvOS (up to version 16), Apple watchOS (up to version 9), and macOS Ventura (up to version 13).
The severity of CVE-2021-36690 has not been specified.
This vulnerability was addressed with improved checks.
Additional information about this vulnerability can be found in the references provided by Apple: [link1], [link2], [link3].