{ "threat_severity" : "Moderate", "public_date" : "2020-05-23T00:00:00Z", "bugzilla" : { "description" : "sqlite: NULL pointer dereference in sqlite3ExprCodeTarget()", "id" : "1841231", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1841231" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-476", "details" : [ "SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.", "A NULL pointer dereference flaw was found in SQLite when rewriting select statements for window functions. This flaw allows an attacker who can execute SQL statements, to crash the application, resulting in a denial of service." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2021-11-09T00:00:00Z", "advisory" : "RHSA-2021:4396", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "sqlite-0:3.26.0-15.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2021-11-09T00:00:00Z", "advisory" : "RHSA-2021:4396", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "sqlite-0:3.26.0-15.el8" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/cephcsi-rhel9:sha256:4c44c079dccf8e9cbf0a1bbf295986fd496aeb0aa23ad8d324302e218f14ba8f" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/cephcsi-rhel9-operator:sha256:29fb0fd11d7a108f65416fc80abbd8bb50f64a173689e923753c01df79f531e3" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/mcg-core-rhel9:sha256:3959ddbd5e30450cd65ba2cee8bcbe66fb260d5e17d864d20da1f8532a472f58" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/mcg-rhel9-operator:sha256:c0925c14fef769a74cefbf902659aefecea7aa6241f1281ff2f14712dd356747" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/ocs-client-console-rhel9:sha256:c9c249f77da5494a08151d90211799f46c501a136c63bdf5fab8528033c1a078" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/ocs-client-rhel9-operator:sha256:189525c32c30efde779dde1bc7a1310ea1845bb816cfe721081444f515c7fc14" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/ocs-metrics-exporter-rhel9:sha256:b9f32156698d517524707b1e62fb07d244fd3c5baa6c8e0dc63b7f3136ecb689" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/ocs-rhel9-operator:sha256:692d43c0ab28b5919129f1617b105fd348dd97d37d88dd1d911d61a26eb7601b" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-cli-rhel9:sha256:b4b2fe4c505060bac1710c73e699ed13b0a5fea32e1ba16166f929fb8cceba33" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-cloudnative-pg-rhel9-operator:sha256:b9c8f6ffca5a91d1184ef803bb4db14770cb35d305feb168412fa3a36c440d10" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-console-rhel9:sha256:7862c67b17eb6c291db11ecdf6e8c54fac9f2c6b45e816d0b8b79594c70faeaa" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-cosi-sidecar-rhel9:sha256:819edb52f8559427f190f687840a5417de59662fa8bc5129e26e3ed2cf0e0276" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-csi-addons-rhel9-operator:sha256:07979ff44a1e9132ce0df0cfd4b151ce0ab38c91c2ccbd62daed4b7654645a02" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-csi-addons-sidecar-rhel9:sha256:91a659aa4db7d9410801f8120226ea41fca011b9853457d2225433b75ea87407" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-multicluster-console-rhel9:sha256:398dcf8a25e4bd40310e9fc7451f9ec65b09da52cea0f147f9a3244d870c2ec8" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-multicluster-rhel9-operator:sha256:55f3d3d591472741f840b921533812a91653d084acbb74e2aea150695d2e4452" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-must-gather-rhel9:sha256:c2d5160cf4d8fef47ca7caaf3b03052622cf49d75c6dd3ecd05f06bdc4e2291b" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odf-rhel9-operator:sha256:e5387c81ea125ddc86211d548a45699f989c36c3cf7a2c815e8d79097e32749b" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/odr-rhel9-operator:sha256:dc5d9c9a06b8c5b0dc347d9b4465e2f26141d4f2be9cf7df36a862e942c3267a" }, { "product_name" : "Red Hat Openshift Data Foundation 4.19", "release_date" : "2025-09-23T00:00:00Z", "advisory" : "RHSA-2025:16504", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9", "package" : "odf4/rook-ceph-rhel9-operator:sha256:030161e80c9b75186b6843d08ca3173ea4c98614e9a20b434c00a1e7b535b8f7" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Out of support scope", "package_name" : "sqlite", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "sqlite", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "sqlite", "cpe" : "cpe:/o:redhat:enterprise_linux:7" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-13435\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-13435" ], "name" : "CVE-2020-13435", "csaw" : false }