ID:

CVE-2019-19925 (NVD)

- Vulnerability Info (edit)
2019-12-24

zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.

Products Sqlite
Type Unrestricted Upload of File with Dangerous Type (CWE-434)
First patch - None (likely due to unavailable code)
Patches https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618
Links https://security.netapp.com/advisory/ntap-20200114-0003/
Annotation

Note:

No patch was assigned yet.