CVE-2020-13630: Use After Free
Published May 27, 2020
·Updated
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow related to the snippet feature.
Other sources
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
SQLite. A memory corruption issue was addressed with improved state management.
Credit
CVE-2020-13630
Affected Software
39 affected componentsFixes available
SQLite SQLite<3.32.0
Fedoraproject Fedora=32
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
Canonical Ubuntu Linux=20.04
NetApp Cloud Backup
NetApp Solidfire\, Enterprise Sds \& Hci Storage Node
Brocade Fabric Operating System
NetApp Hci Compute Node Firmware
NetApp Hci Compute Node
Debian Debian Linux=9.0
Siemens Sinec Infrastructure Network Services<1.0.1.1
Apple Icloud Windows<11.5
Apple Itunes Windows<12.10.9
Apple iPadOS<14.0
Apple iPhone OS<14.0
Apple macOS<11.0.1
Apple tvOS<14.0
Apple WatchOS<7.0
Oracle Communications Network Charging And Control>=12.0.0<=12.0.3
Oracle Communications Network Charging And Control=6.0.1
Oracle Outside In Technology=8.5.4
Oracle Outside In Technology=8.5.5
Oracle ZFS Storage Appliance Kit=8.8
redhat/sqlite<3.32.0
3.32.0
Apple macOS Big Sur<11.0.1
11.0.1
Apple tvOS<14.0
14.0
Apple WatchOS<7.0
7.0
Apple iCloud for Windows<11.5
11.5
Apple iTunes for Windows<12.10.9
12.10.9
Apple iOS<14.0
14.0
Apple iPadOS<14.0
14.0
All of the following
NetApp Hci Compute Node Firmware
NetApp Hci Compute Node
F5 Traffix SDC=5.1.0
Microsoft azl3 ceph 18.2.1-1
Microsoft azl3 ceph 16.2.10-3
debian/sqlite3
3.34.1-33.34.1-3+deb11u13.40.1-2+deb12u23.46.1-7+deb13u13.46.1-9
Remediation
Patch Available
Patch Available
Event History
May 27, 2020
CVE Published
via MITRE·02:42 PM
Data Sourced
via MITRE·02:42 PM
Description
Data Sourced
03:15 PM
RemedyDescriptionSeverityWeaknessAffected Software
Jun 30, 2024
Data Sourced
via Microsoft·02:00 PM
DescriptionSeverityWeakness
Data Sourced
via Microsoft·02:00 PM
Affected Software
Updated
via Microsoft·02:00 PM
Affected Software
Updated
via Microsoft·02:00 PM
DescriptionSeverity
Sep 17, 2024
Advisory Published
via F5·11:53 PM
Feb 20, 2026
Data Sourced
via Ubuntu·09:14 PM
RemedyDescriptionSeverityAffected Software
Data Sourced
via Launchpad·09:14 PM
Description
Mar 14, 2026
Data Sourced
via Debian·06:55 PM
DescriptionAffected Software
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2020-27914
- CVE-2020-27915
- CVE-2020-27903
- CVE-2020-27910
- CVE-2020-27916
- CVE-2020-9943
- CVE-2020-9944
- CVE-2020-27906
- CVE-2020-27945
- CVE-2020-27908
- CVE-2020-27909
- CVE-2020-9960
- CVE-2020-10017
- CVE-2020-9949
- CVE-2020-9897
- CVE-2020-9883
- CVE-2020-10003
- CVE-2020-27922
- CVE-2020-9999
- CVE-2020-27937
- CVE-2020-9965
- CVE-2020-9966
- CVE-2020-27894
- CVE-2020-36615
- CVE-2021-1790
- CVE-2021-1775
- CVE-2020-29629
- CVE-2020-27942
- CVE-2020-9962
- CVE-2020-27952
- CVE-2020-9956
- CVE-2020-27931
- CVE-2020-27930
- CVE-2020-27927
- CVE-2020-29639
- CVE-2020-10002
- CVE-2020-9978
- CVE-2020-9955
- CVE-2020-27924
- CVE-2020-27912
- CVE-2020-27923
- CVE-2020-9876
- CVE-2020-10015
- CVE-2020-27897
- CVE-2020-27907
- CVE-2020-27919
- CVE-2020-9967
- CVE-2020-9975
- CVE-2020-27921
- CVE-2020-27904
- CVE-2019-14899
- CVE-2020-27950
- CVE-2020-9974
- CVE-2020-10016
- CVE-2020-27932
- CVE-2020-27917
- CVE-2020-27920
- CVE-2020-27911
- CVE-2020-9971
- CVE-2020-10014
- CVE-2020-10010
- CVE-2020-9941
- CVE-2020-9988
- CVE-2020-9989
- CVE-2020-10011
- CVE-2020-13524
- CVE-2020-10004
- CVE-2020-9996
- CVE-2020-27901
- CVE-2020-27900
- CVE-2019-20838
- CVE-2020-14155
- CVE-2020-10007
- CVE-2020-27896
- CVE-2020-9963
- CVE-2020-10012
- CVE-2020-10663
- CVE-2020-9945
- CVE-2020-9977
- CVE-2020-9942
- CVE-2020-9987
- CVE-2021-1803
- CVE-2020-9969
- CVE-2020-27893
- CVE-2021-1755
- CVE-2020-10005
- CVE-2020-9991
- CVE-2020-9849
- CVE-2020-15358
- CVE-2020-13631
- CVE-2020-13434
- CVE-2020-13435
- CVE-2020-13630
- CVE-2020-27899
- CVE-2020-10009
- CVE-2020-10008
- CVE-2020-27918
- CVE-2020-9947
- CVE-2020-9950
- CVE-2020-27898
- CVE-2020-27935
- CVE-2020-10006
- CVE-2020-9979
- CVE-2020-9954
- CVE-2020-36521
- CVE-2020-9961
- CVE-2020-9976
- CVE-2020-9981
- CVE-2020-9968
- CVE-2020-9951
- CVE-2020-9983
- CVE-2020-9952
- CVE-2020-10013
- CVE-2020-9946
- CVE-2020-9993
- CVE-2020-9958
- CVE-2020-9773
- CVE-2020-9992
- CVE-2020-9964
- CVE-2020-13520
- CVE-2020-6147
- CVE-2020-9972
- CVE-2020-9973
- CVE-2020-9959
Frequently Asked Questions
1
What is the vulnerability ID?
The vulnerability ID is CVE-2020-13630.
2
What is the affected software?
The affected software includes Apple tvOS 14.0, macOS Big Sur 11.0.1, iOS 14.0, iPadOS 14.0, watchOS 7.0, iTunes for Windows 12.10.9, and iCloud for Windows 11.5.
3
What is the severity of CVE-2020-13630?
The severity of CVE-2020-13630 is not specified.
4
What is the remediation for CVE-2020-13630?
The remediation for CVE-2020-13630 is to update to the specified versions of the affected software.
5
Where can I find more information about CVE-2020-13630?
You can find more information about CVE-2020-13630 on the Apple support website.