{ "threat_severity" : "Moderate", "public_date" : "2019-12-09T00:00:00Z", "bugzilla" : { "description" : "sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements", "id" : "1783305", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1783305" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-674", "details" : [ "alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements." ], "affected_release" : [ { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/cephcsi-rhel9:sha256:a4021d2130cfe6a04c7ff23547239c5114d87ab6db8b630ccff025557a2b686f" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/cephcsi-rhel9-operator:sha256:df1eee04994a4cb4e0912dcceeb163cbb5eb991e00279e32f59f5bd10870e027" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/mcg-core-rhel9:sha256:572faf6e2631e5dbb27d305c04b1c290f85282fc42013d4a8922b05065b1d69e" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/mcg-rhel9-operator:sha256:c0925c14fef769a74cefbf902659aefecea7aa6241f1281ff2f14712dd356747" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/ocs-client-console-rhel9:sha256:c9c249f77da5494a08151d90211799f46c501a136c63bdf5fab8528033c1a078" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/ocs-client-rhel9-operator:sha256:cab6cc6254d2226ea5ad6e7ca0b2ef445912983bda02612788a822cea77d50a9" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/ocs-metrics-exporter-rhel9:sha256:3e281be3ee1669685cc79a689b0f78c5372ee2595e845e40909389f92a5e372d" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/ocs-rhel9-operator:sha256:d244986c3c70c573757e110c4b0206afdefa90de95649cbe415282d73efff9e4" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-cli-rhel9:sha256:b4b2fe4c505060bac1710c73e699ed13b0a5fea32e1ba16166f929fb8cceba33" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-cloudnative-pg-rhel9-operator:sha256:b9c8f6ffca5a91d1184ef803bb4db14770cb35d305feb168412fa3a36c440d10" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-console-rhel9:sha256:32aeeae377a7ca1463af2a9f64c069d2c02ad1340035d3ea4960518fa3d4db48" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-cosi-sidecar-rhel9:sha256:3a11acadec7fa0b7d7409bf1beb0595a408e6de3d4a4a4cee3897f4876f847b0" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-csi-addons-rhel9-operator:sha256:892a0598e91d1cf7ca888ac4a4613a394c2b65233a68d87308744411f797e1ac" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-csi-addons-sidecar-rhel9:sha256:c2d13f3e165b09aa7bb21cdba8fd9f1f30fbc53ca50c212f1528ee3f84675b8a" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-multicluster-console-rhel9:sha256:124c052e9e0ce1e51f31f5f5b5e0d5d07a3bfcd28ccaee1d35f7bac03aa26cc0" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-multicluster-rhel9-operator:sha256:ddca72908fa5ddf3a22268f23429f6436de10dc6e9d2dbf4c0e01d13aa4bc724" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-must-gather-rhel9:sha256:f9dac6ab62d6ef7786c1a47d64063f18e7af0c96a9144a01f2ca27382dbf773f" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-rhel9-operator:sha256:ff5b515653e8277b6a71153a990fc33e4a6fc10e226d37220438ebf99e7df98a" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odr-rhel9-operator:sha256:dc5d9c9a06b8c5b0dc347d9b4465e2f26141d4f2be9cf7df36a862e942c3267a" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/rook-ceph-rhel9-operator:sha256:3c15da58b7ff718d5dbf00fe344b6fa8d62d023bd18b6f6e708e9613fc95c594" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Out of support scope", "package_name" : "sqlite", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "sqlite", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "sqlite", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "sqlite", "cpe" : "cpe:/o:redhat:enterprise_linux:8" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-19645\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-19645" ], "name" : "CVE-2019-19645", "csaw" : false }