Sign In

CVE-2021-45346

ADVISORY - nist

Summary

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect.

EPSS Score: 0.00205 (0.430)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-401

Missing Release of Memory after Effective Lifetime

ADVISORY - redhat

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-401

Missing Release of Memory after Effective Lifetime

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2021-45346
EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CWE-401

CVSS SCORE

4.3medium

Debian

CREATED

UPDATED

ADVISORY IDCVE-2021-45346
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2021-45346
EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

4.3low

Bitnami

CREATED

UPDATED

ADVISORY ID

BIT-2021-45346

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

UPDATED

ADVISORY ID

BIT-sqlite-2021-45346

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

4.3medium

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2021-45346
EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-200CWE-401

CVSS SCORE

4.3low

intheWild

CREATED

UPDATED

ADVISORY IDCVE-2021-45346
EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY