In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 6.5 | Medium | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | 2008 R2 for Itanium-Based Systems Service Pack 1 |
| n/a | n/a | versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, 8.0.0.0 - 8.0.0.6, versions 7.2.1.x and version 7.1.1.11 |