7.5
CVE-2019-19880
- EPSS 8.44%
- Veröffentlicht 18.12.2019 06:15:12
- Zuletzt bearbeitet 21.11.2024 04:35:34
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Netapp ≫ Cloud Backup Version-
Debian ≫ Debian Linux Version9.0
Debian ≫ Debian Linux Version10.0
Suse ≫ Package Hub Version-
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Workstation Version6.0
Opensuse ≫ Backports Sle Version15.0 Updatesp1
Oracle ≫ Mysql Workbench Version <= 8.0.19
Siemens ≫ Sinec Infrastructure Network Services Version < 1.0.1.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 8.44% | 0.92 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.