Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-109664

CVE-2022-46908 in sqlite plugin

    XMLWordPrintable

Details

    • Bug
    • Resolution: Out of scope
    • P1: Critical
    • None
    • 6.4.1
    • Core: Plugins, sqlite
    • None
    • Linux/X11, Windows

    Description

      CVE-2022-46908 reported for sqlite plugin:

      SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.
       

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            thiago Thiago Macieira
            gjunker Gregory Junker
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes