DEBIAN-CVE-2019-9937
Advisory lineage Upstream: 1 Downstream: 1
Upstream
Downstream
Published: 22 Mar 2019, 08:29
Last modified:28 Apr 2026, 20:21
Vulnerability Summary
Overall Risk (default)
medium
30/100 CVSS Score
7.5 HIGH
3.0 (osv_debian)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
22 Mar 2019, 08:29
Published
Vulnerability first disclosed
28 Apr 2026, 20:21
Last Modified
Vulnerability information updated
Description
In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.
CVSS Metrics
- v3.0•HIGH•Score: 7.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- debian•sqlite3
< 3.27.2-2 | < 3.27.2-2 | < 3.27.2-2 | < 3.27.2-2