CVE-2021-20227

Summary

A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.

Affected Software

VendorProductVersion RangeStatus
n/asqlitesqlite 3.34.1affected

Weaknesses

  • CWE-416: CWE-416

ADP Enrichment

CVE Program Container

Additional References

References