{"id":"MGASA-2022-0175","summary":"Updated sqlite3 packages fix security vulnerability","details":"** DISPUTED ** A segmentation fault can occur in the sqlite3.exe\ncommand-line component of SQLite 3.36.0 via the idxGetTableInfo function\nwhen there is a crafted SQL query. NOTE: the vendor disputes the relevance\nof this report because a sqlite3.exe user already has full privileges\n(e.g., is intentionally allowed to execute commands). This report does NOT\nimply any problem in the SQLite library.\n\nAs the cve assignment is disputed, this update may be changed in future\nfrom a security update to a bugfix update.\n","modified":"2026-04-16T04:42:23.388254143Z","published":"2022-05-12T10:24:45Z","upstream":["CVE-2021-36690"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0175.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30384"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5403-1"}],"affected":[{"package":{"name":"sqlite3","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/sqlite3?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.34.1-1.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0175.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}