{
  "threat_severity" : "Moderate",
  "public_date" : "2020-05-14T00:00:00Z",
  "bugzilla" : {
    "description" : "sqlite: Virtual table can be renamed into the name of one of its shadow tables",
    "id" : "1841568",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1841568"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-20",
  "details" : [ "SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.", "A flaw was found in the virtual table implementation of SQLite. This flaw allows an attacker who can execute SQL statements to rename a virtual table to the name of one of its shadow tables, leading to potential data corruption." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-11-04T00:00:00Z",
    "advisory" : "RHSA-2020:4442",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "sqlite-0:3.26.0-11.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-05-18T00:00:00Z",
    "advisory" : "RHSA-2021:1968",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::crb",
    "package" : "mingw-binutils-0:2.30-3.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-05-18T00:00:00Z",
    "advisory" : "RHSA-2021:1968",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::crb",
    "package" : "mingw-bzip2-0:1.0.6-14.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-05-18T00:00:00Z",
    "advisory" : "RHSA-2021:1968",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::crb",
    "package" : "mingw-filesystem-0:104-2.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-05-18T00:00:00Z",
    "advisory" : "RHSA-2021:1968",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::crb",
    "package" : "mingw-sqlite-0:3.26.0.0-1.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-11-04T00:00:00Z",
    "advisory" : "RHSA-2020:4442",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "sqlite-0:3.26.0-11.el8"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/cephcsi-rhel9:sha256:4c44c079dccf8e9cbf0a1bbf295986fd496aeb0aa23ad8d324302e218f14ba8f"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/cephcsi-rhel9-operator:sha256:29fb0fd11d7a108f65416fc80abbd8bb50f64a173689e923753c01df79f531e3"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/mcg-core-rhel9:sha256:3959ddbd5e30450cd65ba2cee8bcbe66fb260d5e17d864d20da1f8532a472f58"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/mcg-rhel9-operator:sha256:37c75c349e28507c8acce4682a8f84ae5b270a2045d75288f3b499f62d3b48ee"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/ocs-client-console-rhel9:sha256:3baa5eadf2d9d389bde7e7c1ace3c7047904505c3ee7a27ffe7ad135e0ec8eb8"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/ocs-client-rhel9-operator:sha256:189525c32c30efde779dde1bc7a1310ea1845bb816cfe721081444f515c7fc14"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/ocs-metrics-exporter-rhel9:sha256:3e281be3ee1669685cc79a689b0f78c5372ee2595e845e40909389f92a5e372d"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/ocs-rhel9-operator:sha256:425707f1853128945adf7ef1590d10a46276328e8bd000e51ac709b284f6dd6d"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/odf-cli-rhel9:sha256:1fbe2505ba147fec7ddf1cc4573cbecb21e4df5cda1db6417a4639773501b6fe"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/odf-cloudnative-pg-rhel9-operator:sha256:215488e22ad4e43bfb5770a14d3b8393e4111033041a2e07221fcee9ea9f89a1"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/odf-console-rhel9:sha256:32aeeae377a7ca1463af2a9f64c069d2c02ad1340035d3ea4960518fa3d4db48"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/odf-cosi-sidecar-rhel9:sha256:245175f874c384e0845660d13519d0f38c97b9eb845930f0695fff875ca8db07"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/odf-csi-addons-rhel9-operator:sha256:07979ff44a1e9132ce0df0cfd4b151ce0ab38c91c2ccbd62daed4b7654645a02"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/odf-csi-addons-sidecar-rhel9:sha256:91a659aa4db7d9410801f8120226ea41fca011b9853457d2225433b75ea87407"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/odf-multicluster-console-rhel9:sha256:124c052e9e0ce1e51f31f5f5b5e0d5d07a3bfcd28ccaee1d35f7bac03aa26cc0"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/odf-multicluster-rhel9-operator:sha256:0bed32485cb800e3058ebcaf16b3b8b08186e21d5fe62b1b00462c6add75a791"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/odf-must-gather-rhel9:sha256:0df75543afe68ae11e7bbec2890c4cf9ea1fc9f5cfc068af7eb434c097bacc93"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/odf-rhel9-operator:sha256:86cc3b8453454137c035d0aa32e503bdcb2c3db525c29655a13570811fd03085"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/odr-rhel9-operator:sha256:0a760c412d3bbe1595b38d20f1284463f8406cb07a4e5e9958f9a1fe8642d2a0"
  }, {
    "product_name" : "Red Hat Openshift Data Foundation 4.19",
    "release_date" : "2025-09-23T00:00:00Z",
    "advisory" : "RHSA-2025:16504",
    "cpe" : "cpe:/a:redhat:openshift_data_foundation:4.19::el9",
    "package" : "odf4/rook-ceph-rhel9-operator:sha256:030161e80c9b75186b6843d08ca3173ea4c98614e9a20b434c00a1e7b535b8f7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Out of support scope",
    "package_name" : "sqlite",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "sqlite",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Will not fix",
    "package_name" : "sqlite",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-13631\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-13631" ],
  "name" : "CVE-2020-13631",
  "csaw" : false
}