In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-09-09T16:07:15

Updated: 2024-08-05T01:10:41.487Z

Reserved: 2019-09-09T00:00:00

Link: CVE-2019-16168

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-09-09T17:15:13.910

Modified: 2024-11-21T04:30:11.397

Link: CVE-2019-16168

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-08-15T00:00:00Z

Links: CVE-2019-16168 - Bugzilla