{"id":"USN-4298-2","summary":"sqlite3 vulnerabilities","details":"USN-4298-1 fixed several vulnerabilities in SQLite. This update provides\nthe corresponding update for Ubuntu 14.04 ESM.\n\nOriginal advisory details:\n\n It was discovered that SQLite incorrectly handled certain shadow tables. An\n attacker could use this issue to cause SQLite to crash, resulting in a\n denial of service, or possibly execute arbitrary code. (CVE-2019-13734,\n CVE-2019-13750, CVE-2019-13752, CVE-2019-13753)\n\n It was discovered that SQLite incorrectly handled certain corrupt records.\n An attacker could use this issue to cause SQLite to crash, resulting in a\n denial of service, or possibly execute arbitrary code. (CVE-2019-13751)\n\n It was discovered that SQLite incorrectly handled errors during parsing. An\n attacker could use this issue to cause SQLite to crash, resulting in a\n denial of service, or possibly execute arbitrary code. (CVE-2019-19926)\n","modified":"2026-04-27T15:48:44.054770340Z","published":"2020-08-03T18:29:59Z","related":["UBUNTU-CVE-2019-13734","UBUNTU-CVE-2019-13750","UBUNTU-CVE-2019-13751","UBUNTU-CVE-2019-13752","UBUNTU-CVE-2019-13753","UBUNTU-CVE-2019-19926"],"upstream":["CVE-2019-13734","CVE-2019-13750","CVE-2019-13751","CVE-2019-13752","CVE-2019-13753","CVE-2019-19926","UBUNTU-CVE-2019-13734","UBUNTU-CVE-2019-13750","UBUNTU-CVE-2019-13751","UBUNTU-CVE-2019-13752","UBUNTU-CVE-2019-13753","UBUNTU-CVE-2019-19926"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4298-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-13734"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-13750"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-13751"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-13752"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-13753"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-19926"}],"affected":[{"package":{"name":"sqlite3","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/sqlite3@3.8.2-1ubuntu2.2+esm2?arch=source&distro=trusty/esm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.8.2-1ubuntu2.2+esm2"}]}],"versions":["3.7.17-1ubuntu1","3.8.0.2-1ubuntu1","3.8.1-1ubuntu1","3.8.1-1ubuntu3","3.8.2-1ubuntu1","3.8.2-1ubuntu2","3.8.2-1ubuntu2.1","3.8.2-1ubuntu2.2","3.8.2-1ubuntu2.2+esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"3.8.2-1ubuntu2.2+esm2","binary_name":"lemon"},{"binary_version":"3.8.2-1ubuntu2.2+esm2","binary_name":"libsqlite3-0"},{"binary_version":"3.8.2-1ubuntu2.2+esm2","binary_name":"libsqlite3-tcl"},{"binary_version":"3.8.2-1ubuntu2.2+esm2","binary_name":"sqlite3"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4298-2.json","cves_map":{"ecosystem":"Ubuntu:Pro:14.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2019-13734"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2019-13750"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2019-13751"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2019-13752"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2019-13753"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2019-19926"}]}}}],"schema_version":"1.7.5"}