VDB
CVE-2020-13871
CVE-2020-13871
PUBLISHED
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
EPSS 2.44% · 85.5th percentile
Risk Scores
EPSS Score
2.44%
85.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | sqlite | 3.32.2 |
| Bitnami | sqlite | 3.32.2 |
Exploit Intelligence
- https://www.sqlite.org/src/info/c8d3b9f0a750a529 (nist-nvd)
- https://www.sqlite.org/src/info/cd708fa84d2aaaea (nist-nvd)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2008-5161 OpenSSH 4.7p1 Audit Helper Automates version checking and credential auditing of legacy OpenSSH 4.7p1 (Debian-8ubuntu1) targets by driving Metasploit’s auxiliary/scanner/ssh/ssh_login module from Python via pwntools. (github-poc)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
…and 4 more exploits
Timeline
- Jun 6, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf url
- https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN32AGQPMHZRNM6P6L5GZPETOWTGXOKP/ url
- https://security.gentoo.org/glsa/202007-26 url
- https://security.netapp.com/advisory/ntap-20200619-0002/ url
- https://www.oracle.com/security-alerts/cpuApr2021.html url
- https://www.oracle.com/security-alerts/cpujan2021.html url
- https://www.sqlite.org/src/info/79eff1d0383179c4 url
- https://www.sqlite.org/src/info/c8d3b9f0a750a529 url
- https://www.sqlite.org/src/info/cd708fa84d2aaaea url
- https://nvd.nist.gov/vuln/detail/CVE-2020-13871 url