Memory Corruption Affecting system.data.sqlite.core package, versions [,1.0.94.0)
Snyk CVSS
Attack Complexity
High
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DOTNET-SYSTEMDATASQLITECORE-60236
- published 11 Jan 2018
- disclosed 31 Mar 2017
- credit Unknown
How to fix?
Upgrade System.Data.Common
to version 2.0.0 or higher.
Overview
System.Data.Common
provides the base abstract classes, including System.Data.DbConnection and System.Data.DbCommand, for all data providers.
Affected versions of this package are vulnerable to NULL Pointer Dereference