ALAS2-2020-1394

Affecting sqlite package, versions <3.7.17-8.amzn2.1.1

Report new vulnerabilities
high severity
Do your applications use this vulnerable package? Test your applications

Overview

Package updates are available for Amazon Linux 2 that fix the following vulnerabilities: CVE-2019-13734: 1781980: CVE-2019-13734 sqlite: fts3: improve shadow table corruption detection Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

References

CVE
ALAS2-2020-1394
Snyk ID
SNYK-AMZN2-SQLITE-550131
Published
20 Feb, 2020