SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Buffer Overflow
Information Disclosure
Sqlite
Ubuntu Linux
Fedora
+1
NVD
CVSS 3.1
9.8
EPSS
45.4%