SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
CVSS Score
7.5
EPSS Score
0.077
Published
2020-04-09
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
CVSS Score
9.8
EPSS Score
0.111
Published
2020-04-09
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.
CVSS Score
7.5
EPSS Score
0.012
Published
2020-02-21
Page 2