CVE-2023-7104 | SQLite SQLite3 up to 3.43.0 make alltest sqlite3session.c sessionReadRecord heap-based overflow

Inserito da Angelo Barbosa | Dic 25, 2023 | CVE

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow.

The identification of this vulnerability is CVE-2023-7104. The attack can only be initiated within the local network. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2023-7104 | SQLite SQLite3 up to 3.43.0 make alltest sqlite3session.c sessionReadRecord heap-based overflow

Post correlati

CVE-2024-35911 | Linux Kernel up to 6.6.25/6.8.4 ice_vsi_free_q_vectors null pointer dereference (e40a02f06ceb/11ff8392943e/1cb7fdb1dfde)

CVE-2024-1569 | parisneo lollms-webui up to 9.1 /open_code_in_vs_code resource consumption

CVE-2024-42056 | Retool up to 3.40.0 /api/resources information disclosure

CVE-2024-9883 | Pods Plugin up to 3.2.7.0 on WordPress Setting cross site scripting