CVE-2022-35737
Scores
EPSS
Percentile: 51.9%
CVSS
CVSS Score: 5.9/10
All CVSS Scores
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
Attack Complexity
High (H)
Describes the conditions beyond the attacker's control
Privileges Required
None (N)
Describes the level of privileges an attacker must possess
User Interaction
None (N)
Captures the requirement for a human user participation
Scope
Unchanged (U)
Determines if a successful attack impacts components beyond the vulnerable component
Confidentiality Impact
None (N)
Measures the impact to the confidentiality of information
Integrity Impact
None (N)
Measures the impact to integrity of a successfully exploited vulnerability
Availability Impact
High (H)
Measures the impact to the availability of the impacted component
Description
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
Scaner-VS 7 — a modern vulnerability management solution
Sources
CWEs
Related Vulnerabilities
Exploits
Exploit ID: CVE-2022-35737
Source: github-poc
Vulnerable Software (78)
Type: Configuration
Product: lemon
Operating System: altlinux
{ "fixed": "0:3.39.2-alt1"}
Source: redhat
Type: Configuration
Product: libsqlite3
Operating System: altlinux
{ "fixed": "0:3.39.2-alt1"}
Source: redhat
Type: Configuration
Product: libsqlite3-devel
Operating System: altlinux
{ "fixed": "0:3.39.2-alt1"}
Source: redhat
Type: Configuration
Product: sqlite
Operating System: ubuntu kinetic 22.10
{ "unaffected": true}
Source: ubuntu
Type: Configuration
Product: sqlite
Operating System: rhel 8
{ "fixed": "3.26.0-17.el8_7"}
Source: redhat
Type: Configuration
Product: sqlite
Operating System: rhel
{ "fixed": "3.26.0-16.el8_6.1"}
Source: redhat
Type: Configuration
Product: sqlite
Operating System: rhel
{ "fixed": "3.34.1-6.el9_1"}
Source: redhat
Type: Configuration
Product: sqlite
Operating System: rhel 9
{ "fixed": "3.34.1-6.el9_1"}
Source: redhat
Type: Configuration
Product: sqlite
Operating System: rhel
{ "fixed": "3.26.0-17.el8_7"}
Source: redhat
Type: Configuration
Product: sqlite
Operating System: debian
{ "unfixed": true}
Source: debian
Type: Configuration
Product: sqlite
Operating System: ubuntu xenial 16.04
{ "unfixed": true}
Source: ubuntu
Type: Configuration
Product: sqlite
Operating System: ubuntu trusty 14.04
{ "unfixed": true}
Source: ubuntu
Type: Configuration
Product: sqlite
Operating System: ubuntu bionic 18.04
{ "unaffected": true}
Source: ubuntu
Type: Configuration
Product: sqlite
Operating System: ubuntu focal 20.04
{ "unaffected": true}
Source: ubuntu
Type: Configuration
Product: sqlite
Operating System: ubuntu jammy 22.04
{ "unaffected": true}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: ubuntu bionic 18.04
{ "fixed": "3.22.0-1ubuntu0.7"}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: altlinux
{ "fixed": "0:3.39.2-alt1"}
Source: redhat
Type: Configuration
Product: sqlite3
Operating System: debian
{ "fixed": "3.39.2-1"}
Source: debian
Type: Configuration
Product: sqlite3
Operating System: ubuntu focal 20.04
{ "fixed": "3.31.1-4ubuntu0.5"}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: ubuntu jammy 22.04
{ "fixed": "3.37.2-2ubuntu0.1"}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: ubuntu kinetic 22.10
{ "unaffected": true}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: ubuntu lunar 23.04
{ "unaffected": true}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: ubuntu mantic 23.10
{ "unaffected": true}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: ubuntu noble 24.04
{ "unaffected": true}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: ubuntu oracular 24.10
{ "unaffected": true}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: ubuntu plucky 25.04
{ "unaffected": true}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: ubuntu questing 25.10
{ "unaffected": true}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: ubuntu trusty 14.04
{ "unfixed": true}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: ubuntu xenial 16.04
{ "unfixed": true}
Source: ubuntu
Type: Configuration
Product: sqlite3
Operating System: astra 4.7.3.8
{ "unaffected": true}
Source: astra
Type: Configuration
Product: sqlite3
Operating System: astra 1.6.12
{ "unaffected": true}
Source: astra
Type: Configuration
Product: sqlite3
Operating System: astra 8.1.4
{ "unaffected": true}
Source: astra
Type: Configuration
Product: sqlite3
Operating System: astra 1.7.3.10
{ "unaffected": true}
Source: astra
Type: Configuration
Product: sqlite3-doc
Operating System: altlinux
{ "fixed": "0:3.39.2-alt1"}
Source: redhat
Type: Configuration
Product: tcl-sqlite3
Operating System: altlinux
{ "fixed": "0:3.39.2-alt1"}
Source: redhat
Type: Configuration
Vendor: *
Product: ontap_select_deploy_administration_utility
Operating System: * * *
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: *
Product: sqlite
Operating System: * * *
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.39.2", "versionStartIncluding": "1.0.12", "vulnerable": true } ]...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.39.2", "versionStartIncluding": "1.0.12", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: *
Product: universal_forwarder
Operating System: * * *
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.2.12", "versionStartIncluding": "8.2.0", "vulnerable": tr...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.2.12", "versionStartIncluding": "8.2.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*", "versionEndExcluding": "9.0.6", "versionStartIncluding": "9.0.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2227
Operating System: Windows 20348 build 2227
Identifier: KB5034129
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 17763.5329
Operating System: Windows 17763 build 5329
Identifier: KB5034127
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.3566
Operating System: Windows 20348 build 3566
Identifier: KB5059092
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.4529
Operating System: Windows 20348 build 4529
Identifier: KB5071547
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.4893
Operating System: Windows 20348 build 4893
Identifier: KB5078766
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.3328
Operating System: Windows 20348 build 3328
Identifier: KB5053603
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2527
Operating System: Windows 20348 build 2527
Identifier: KB5039227
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2402
Operating System: Windows 20348 build 2402
Identifier: KB5036909
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.3453
Operating System: Windows 20348 build 3453
Identifier: KB5055526
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2700
Operating System: Windows 20348 build 2700
Identifier: KB5042881
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2461
Operating System: Windows 20348 build 2461
Identifier: KB5037782
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2342
Operating System: Windows 20348 build 2342
Identifier: KB5037422
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.3932
Operating System: Windows 20348 build 3932
Identifier: KB5062572
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.4651
Operating System: Windows 20348 build 4651
Identifier: KB5078136
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.3207
Operating System: Windows 20348 build 3207
Identifier: KB5051979
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2966
Operating System: Windows 20348 build 2966
Identifier: KB5048654
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.4294
Operating System: Windows 20348 build 4294
Identifier: KB5066782
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.3695
Operating System: Windows 20348 build 3695
Identifier: KB5061906
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.3807
Operating System: Windows 20348 build 3807
Identifier: KB5060526
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.3692
Operating System: Windows 20348 build 3692
Identifier: KB5058385
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.4650
Operating System: Windows 20348 build 4650
Identifier: KB5077800
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.4171
Operating System: Windows 20348 build 4171
Identifier: KB5065432
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2529
Operating System: Windows 20348 build 2529
Identifier: KB5041054
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2762
Operating System: Windows 20348 build 2762
Identifier: KB5044281
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.3561
Operating System: Windows 20348 build 3561
Identifier: KB5058920
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2582
Operating System: Windows 20348 build 2582
Identifier: KB5040437
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.3091
Operating System: Windows 20348 build 3091
Identifier: KB5049983
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.3095
Operating System: Windows 20348 build 3095
Identifier: KB5052819
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB5047767
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.4052
Operating System: Windows 20348 build 4052
Identifier: KB5063880
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.4773
Operating System: Windows 20348 build 4773
Identifier: KB5075906
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.4776
Operating System: Windows 20348 build 4776
Identifier: KB5082314
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.20348.4405
Operating System: Windows 20348 build 4405
Identifier: KB5068787
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2340
Operating System: Windows 20348 build 2340
Identifier: KB5035857
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2322
Operating System: Windows 20348 build 2322
Identifier: KB5034770
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2849
Operating System: Windows 20348 build 2849
Identifier: KB5046616
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.2655
Operating System: Windows 20348 build 2655
Identifier: KB5041160
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.20348.4294
Operating System: Windows 20348 build 4294
Identifier: KB5070884
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 20348.4648
Operating System: Windows 20348 build 4648
Identifier: KB5073457
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 19044.3930
Operating System: Windows 19044 build 3930
Identifier: KB5034122
Source: msrc