CVE-2021-45346 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-45346 PUBLISHED

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect.

EPSS 0.27% · 50.4th percentile

Risk Scores

EPSS Score

0.27%

50.4th percentile

Affected Products

Vendor	Product	Versions
Bitnami	sqlite	3.37.0, 3.35.1
Bitnami	sqlite	3.35.1, 3.37.0

Timeline

Feb 14, 2022 CVE Published
Feb 15, 2022 EPSS Score
Apr 8, 2022 EPSS Score
May 29, 2022 EPSS Score
Jul 21, 2022 EPSS Score
Nov 1, 2022 EPSS Score
Dec 23, 2022 EPSS Score
Dec 28, 2022 EPSS Score
Feb 12, 2023 EPSS Score
Feb 23, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 5, 2023 EPSS Score

References

Open in Interactive Console →