Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
SQLite 安全漏洞
Vulnerability Description
SQLite是一款轻型的数据库,是遵守ACID的关系型数据库管理系统。 SQLite 3.49.0版本存在安全漏洞,该漏洞源于concat函数可能导致整数溢出。
CVSS Information
N/A
Vulnerability Type
N/A