CVE-2021-36690
Published: 24 August 2021
Summary
CVE-2021-36690 is a high-severity an unspecified weakness vulnerability in Sqlite Sqlite. Its CVSS base score is 7.5 (High).
Operationally, ranked in the top 17.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-23285
Vulnerability details
A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full…
more
privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.