7.5
CVE-2019-19880
- EPSS 8.44%
- Published 18.12.2019 06:15:12
- Last modified 21.11.2024 04:35:34
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
Data is provided by the National Vulnerability Database (NVD)
Netapp ≫ Cloud Backup Version-
Debian ≫ Debian Linux Version9.0
Debian ≫ Debian Linux Version10.0
Suse ≫ Package Hub Version-
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Workstation Version6.0
Opensuse ≫ Backports Sle Version15.0 Updatesp1
Oracle ≫ Mysql Workbench Version <= 8.0.19
Siemens ≫ Sinec Infrastructure Network Services Version < 1.0.1.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 8.44% | 0.92 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.