VDB

DEBIAN-CVE-2019-16168

DEBIAN-CVE-2019-16168 PUBLISHED CVSS 6.5 MEDIUM

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:11sqlite30, 0, 0
Debian:12sqlite30, 0, 0
Debian:13sqlite30, 0, 0
Debian:14sqlite30, 0, 0

Timeline

  • Sep 9, 2019 CVE Published
  • Apr 28, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›