What the vulnerability does

01Description

A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability.

Key dates

02Disclosure timeline

March 23, 2021 CVE published
August 3, 2024 Record updated