CVE-2019-19925 (NVD)
- Vulnerability Info (edit)zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
| Products | Sqlite |
| Type |
Unrestricted Upload of File with Dangerous Type (CWE-434) |
| First patch | - None (likely due to unavailable code) |
| Patches | https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618 |
| Links | https://security.netapp.com/advisory/ntap-20200114-0003/ |
| Annotation |
Note: No patch was assigned yet. |