Executive Summary

Informations
Name CVE-2020-13630 First vendor Publication 2020-05-27
Vendor Cve Last vendor Modification 2020-06-16

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 7
Base Score 7 Environmental Score 7
impact SubScore 5.9 Temporal Score 7
Exploitabality Sub Score 1
 
Attack Vector Local Attack Complexity High
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 4.4 Attack Range Local
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13630

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-416 Use After Free

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 302
Os 1

Sources (Detail)

Source Url
CONFIRM https://security.netapp.com/advisory/ntap-20200608-0002/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
MISC https://bugs.chromium.org/p/chromium/issues/detail?id=1080459
https://sqlite.org/src/info/0d69f76f0865f962
UBUNTU https://usn.ubuntu.com/4394-1/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2020-06-17 05:22:42
  • Multiple Updates
2020-06-10 21:23:12
  • Multiple Updates
2020-06-10 05:22:51
  • Multiple Updates
2020-06-08 17:22:53
  • Multiple Updates
2020-06-02 12:26:21
  • Multiple Updates
2020-05-28 05:22:50
  • Multiple Updates
2020-05-27 21:23:02
  • First insertion