UBUNTU-CVE-2017-2518
Advisory lineage Upstream: 1 Downstream: 2
Upstream
Downstream
Published: 22 May 2017, 00:00
Last modified:22 Apr 2026, 11:23
Vulnerability Summary
Overall Risk (default)
high
70/100 CVSS Score
9.8 CRITICAL
3.0 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
22 May 2017, 00:00
Published
Vulnerability first disclosed
22 Apr 2026, 11:23
Last Modified
Vulnerability information updated
Description
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement.
CVSS Metrics
- v3.0•CRITICAL•Score: 9.8CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- ubuntu•sqlite3
< 3.8.2-1ubuntu2.2+esm1 | < 3.11.0-1ubuntu1.2
References (9)
- https://ubuntu.com/security/CVE-2017-2518
- https://support.apple.com/HT207797
- https://support.apple.com/HT207798
- https://support.apple.com/HT207800
- https://support.apple.com/HT207801
- https://clusterfuzz-external.appspot.com/testcase?key=4603622180519936
- https://ubuntu.com/security/notices/USN-4019-1
- https://ubuntu.com/security/notices/USN-4019-2
- https://www.cve.org/CVERecord?id=CVE-2017-2518