CVE-2020-13632

CVE	CVE-2020-13632
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2020-05-27 15:15:00 UTC
Updated	2023-11-07 03:16:00 UTC
Description	ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.

Problem Types: CWE-476

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Brocade	Fabric Operating System	-	All	All	All
Operating System	Canonical	Ubuntu Linux	16.04	All	All	All
Operating System	Canonical	Ubuntu Linux	18.04	All	All	All
Operating System	Canonical	Ubuntu Linux	19.10	All	All	All
Operating System	Canonical	Ubuntu Linux	20.04	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Operating System	Fedoraproject	Fedora	32	All	All	All
Operating System	Fedoraproject	Fedora	32	All	All	All
Application	Netapp	Cloud Backup	-	All	All	All
Hardware	Netapp	Hci Compute Node	-	All	All	All
Operating System	Netapp	Hci Compute Node Firmware	-	All	All	All
Application	Netapp	Solidfire Enterprise Sds Hci Storage Node	-	All	All	All
Application	Oracle	Communications Network Charging And Control	6.0.1	All	All	All
Application	Oracle	Communications Network Charging And Control	All	All	All	All
Application	Oracle	Outside In Technology	8.5.4	All	All	All
Application	Oracle	Outside In Technology	8.5.5	All	All	All
Application	Oracle	Zfs Storage Appliance Kit	8.8	All	All	All
Application	Siemens	Sinec Infrastructure Network Services	All	All	All	All
Application	Sqlite	Sqlite	All	All	All	All
Application	Sqlite	Sqlite	All	All	All	All

Reference	Source	Link	Tags
June 2020 SQLite Vulnerabilities in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com	Third Party Advisory
SQLite: Check-in [a4dd1489]	MISC	sqlite.org	Vendor Advisory
Oracle Critical Patch Update Advisory - July 2020	MISC	www.oracle.com
USN-4394-1: SQLite vulnerabilities \| Ubuntu security notices	UBUNTU	usn.ubuntu.com
FreeBSD-SA-20:22	FREEBSD	security.FreeBSD.org
Oracle Critical Patch Update Advisory - October 2020	MISC	www.oracle.com
SQLite: Multiple vulnerabilities (GLSA 202007-26) — Gentoo security	GENTOO	security.gentoo.org
[SECURITY] Fedora 32 Update: sqlite-3.32.1-1.fc32 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
[SECURITY] [DLA 2340-1] sqlite3 security update	MLIST	lists.debian.org
1080459 - chromium - An open-source project to help move the web forward. - Monorail	MISC	bugs.chromium.org	Permissions Required, Third Party Advisory
[SECURITY] Fedora 32 Update: sqlite-3.32.1-1.fc32 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org	Third Party Advisory
cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf	CONFIRM	cert-portal.siemens.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

296073 Oracle Solaris 11.4 Support Repository Update (SRU) 24.75.2 Missing (CPUJUL2020)
377330 Alibaba Cloud Linux Security Update for mingw packages (ALINUX3-SA-2022:0121)
377341 Alibaba Cloud Linux Security Update for sqlite (ALINUX3-SA-2022:0111)
591406 Siemens SIMATIC S7-1500 CPU GNU/Linux subsystem Multiple Vulnerabilities (SSB-439005, ICSA-22-104-13)
750831 SUSE Enterprise Linux Security Update for sqlite3 (SUSE-SU-2021:2320-1)
750834 OpenSUSE Security Update for sqlite3 (openSUSE-SU-2021:2320-1)
750856 OpenSUSE Security Update for sqlite3 (openSUSE-SU-2021:1058-1)
751168 SUSE Enterprise Linux Security Update for sqlite3 (SUSE-SU-2021:3215-1)
770068 Red Hat OpenShift Container Platform 4.6 Security Update (RHSA-2021:0436)
940088 AlmaLinux Security Update for mingw (ALSA-2021:1968)
940337 AlmaLinux Security Update for sqlite (ALSA-2020:4442)
960229 Rocky Linux Security Update for mingw (RLSA-2021:1968)