In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| sqlite | sqlite | 3.8.5 - 3.29.0 | - |
| netapp | active_iq_unified_manager | 7.3 | - |
| netapp | active_iq_unified_manager |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
27
Affected Products
34
References
sqlite / sqlite
| 9.5 |
| - |
| netapp | e-series_santricity_os_controller | 11.0.0 - 11.60.3 | - |
| netapp | oncommand_insight | - | - |
| netapp | oncommand_workflow_automation | - | - |
| netapp | ontap_select_deploy_administration_utility | - | - |
| netapp | santricity_unified_manager | - | - |
| netapp | steelstore_cloud_integrated_storage | - | - |
| canonical | ubuntu_linux | - | - |
| canonical | ubuntu_linux | - | - |
| canonical | ubuntu_linux | - | - |
| canonical | ubuntu_linux | - | - |
| canonical | ubuntu_linux | - | - |
| fedoraproject | fedora | - | - |
| debian | debian_linux | - | - |
| tenable | nessus_agent | 8.2.3 | - |
| oracle | communications_design_studio | - | - |
| oracle | communications_design_studio | - | - |
| oracle | communications_design_studio | - | - |
| oracle | jdk | - | - |
| oracle | jre | - | - |
| oracle | mysql | 8.0.0 - 8.0.18 | - |
| oracle | outside_in_technology | - | - |
| oracle | solaris | - | - |
| oracle | zfs_storage_appliance | - | - |
| mcafee | policy_auditor | 6.5.1 | - |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability
Impact