CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-5018

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.074

EPSS Ranking 91.3%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 6.8

References

Products affected by CVE-2019-5018

Sqlite » Sqlite » Version: 3.26.0

cpe:2.3:a:sqlite:sqlite:3.26.0
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 16.04

cpe:2.3:o:canonical:ubuntu_linux:16.04
Canonical » Ubuntu Linux » Version: 18.04

cpe:2.3:o:canonical:ubuntu_linux:18.04
Canonical » Ubuntu Linux » Version: 19.04

cpe:2.3:o:canonical:ubuntu_linux:19.04
Canonical » Ubuntu Linux » Version: 19.10

cpe:2.3:o:canonical:ubuntu_linux:19.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-5018

Products

Pricing

Contact Us