CVE-2020-11656

Description

In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.

Risk Information

Base Score

9.8

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

8.47

Associated Vulnerability

Vulnerability	OS Platform
Multiple Vulnerabilities are affected in Mysql 8.0.22	Windows
Multiple Vulnerabilities are affected in Mysql 8.0.5	Windows
Multiple Vulnerabilities are affected in Mysql 8.0.22 (For Linux)	Linux
Multiple Vulnerabilities are affected in Mysql 8.0.5 (For Linux)	Linux
Use After Free Vulnerability (CVE-2020-11656)	NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234