Issued: Monday, 31 October, 2022 |
Last Revision: Monday, 31 October, 2022 |
Vendor: |
|
Severity Level: |
Summary:
An Integer Overflow vulnerability has been discovered in the SQLite database library. The vulnerability is identified as CVE-2022-35737 and rated with high severity.
On exploitation of the vulnerability, the attacker can execute arbitrary code and/or Denial of Service attack on vulnerable systems. Mainly 64-bit systems are impacted by this vulnerability.
| CVE/Vulnerability | Description | CVSS 3.1 Base Score | Exploitable |
| |
| CVE-2022-35737 | Integer Overflow | 7.5 | Yes |
| |
Table 1: Vulnerability details
| CVE/Vulnerability | Product(s) Detail |
| |
| CVE-2022-35737 | SQLite versions 1.0.12 through 3.39.1 |
| |
Table 2: Vulnerable versions
Recommendation:
We recommend impacted entities to update the SQLite Database Library with version 3.39.2 following the vendor recommendation.
References: