CVE-2020-13631: SQL Injection
Published May 27, 2020
·Updated
Last updated 25 August 2025
Other sources
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
SQLite. This issue was addressed with improved checks.
Credit
CVE-2020-13631
Affected Software
39 affected componentsFixes available
SQLite SQLite<3.32.0
Fedoraproject Fedora=32
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
Canonical Ubuntu Linux=20.04
NetApp Cloud Backup
NetApp Solidfire\, Enterprise Sds \& Hci Storage Node
Brocade Fabric Operating System
NetApp Hci Compute Node Firmware
NetApp Hci Compute Node
Siemens Sinec Infrastructure Network Services<1.0.1.1
Apple Icloud Windows<11.5
Apple Itunes Windows<12.10.9
Apple iPadOS<14.0
Apple iPhone OS<14.0
Apple macOS<11.0.1
Apple tvOS<14.0
Apple WatchOS<7.0
Oracle Communications Network Charging And Control>=12.0.0<=12.0.3
Oracle Communications Network Charging And Control=6.0.1
Oracle Outside In Technology=8.5.4
Oracle Outside In Technology=8.5.5
Oracle ZFS Storage Appliance Kit=8.8
redhat/sqlite<3.32.0
3.32.0
Apple macOS Big Sur<11.0.1
11.0.1
Apple tvOS<14.0
14.0
Apple WatchOS<7.0
7.0
Apple iCloud for Windows<11.5
11.5
Apple iTunes for Windows<12.10.9
12.10.9
Apple iOS<14.0
14.0
Apple iPadOS<14.0
14.0
All of the following
NetApp Hci Compute Node Firmware
NetApp Hci Compute Node
F5 BIG-IP=3
F5 BIG-IP>=16.1.0<=16.1.6
F5 BIG-IP>=15.1.0<=15.1.10
F5 BIG-IQ Centralized Management>=8.2.0<=8.4.0
debian/sqlite3
3.34.1-33.34.1-3+deb11u13.40.1-2+deb12u23.46.1-7+deb13u13.46.1-9
Remediation
Patch Available
Patch Available
Event History
May 27, 2020
CVE Published
via MITRE·02:42 PM
Data Sourced
via MITRE·02:42 PM
Description
Data Sourced
03:15 PM
RemedyDescriptionSeverityAffected Software
Nov 12, 2024
Advisory Published
via F5·02:54 AM
Data Sourced
via F5·02:54 AM
DescriptionSeverityWeaknessAffected Software
Feb 20, 2026
Data Sourced
via Ubuntu·09:14 PM
RemedyDescriptionSeverityAffected Software
Data Sourced
via Launchpad·09:14 PM
Description
Mar 17, 2026
Data Sourced
via Debian·06:56 PM
DescriptionAffected Software
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2020-27914
- CVE-2020-27915
- CVE-2020-27903
- CVE-2020-27910
- CVE-2020-27916
- CVE-2020-9943
- CVE-2020-9944
- CVE-2020-27906
- CVE-2020-27945
- CVE-2020-27908
- CVE-2020-27909
- CVE-2020-9960
- CVE-2020-10017
- CVE-2020-9949
- CVE-2020-9897
- CVE-2020-9883
- CVE-2020-10003
- CVE-2020-27922
- CVE-2020-9999
- CVE-2020-27937
- CVE-2020-9965
- CVE-2020-9966
- CVE-2020-27894
- CVE-2020-36615
- CVE-2021-1790
- CVE-2021-1775
- CVE-2020-29629
- CVE-2020-27942
- CVE-2020-9962
- CVE-2020-27952
- CVE-2020-9956
- CVE-2020-27931
- CVE-2020-27930
- CVE-2020-27927
- CVE-2020-29639
- CVE-2020-10002
- CVE-2020-9978
- CVE-2020-9955
- CVE-2020-27924
- CVE-2020-27912
- CVE-2020-27923
- CVE-2020-9876
- CVE-2020-10015
- CVE-2020-27897
- CVE-2020-27907
- CVE-2020-27919
- CVE-2020-9967
- CVE-2020-9975
- CVE-2020-27921
- CVE-2020-27904
- CVE-2019-14899
- CVE-2020-27950
- CVE-2020-9974
- CVE-2020-10016
- CVE-2020-27932
- CVE-2020-27917
- CVE-2020-27920
- CVE-2020-27911
- CVE-2020-9971
- CVE-2020-10014
- CVE-2020-10010
- CVE-2020-9941
- CVE-2020-9988
- CVE-2020-9989
- CVE-2020-10011
- CVE-2020-13524
- CVE-2020-10004
- CVE-2020-9996
- CVE-2020-27901
- CVE-2020-27900
- CVE-2019-20838
- CVE-2020-14155
- CVE-2020-10007
- CVE-2020-27896
- CVE-2020-9963
- CVE-2020-10012
- CVE-2020-10663
- CVE-2020-9945
- CVE-2020-9977
- CVE-2020-9942
- CVE-2020-9987
- CVE-2021-1803
- CVE-2020-9969
- CVE-2020-27893
- CVE-2021-1755
- CVE-2020-10005
- CVE-2020-9991
- CVE-2020-9849
- CVE-2020-15358
- CVE-2020-13631
- CVE-2020-13434
- CVE-2020-13435
- CVE-2020-13630
- CVE-2020-27899
- CVE-2020-10009
- CVE-2020-10008
- CVE-2020-27918
- CVE-2020-9947
- CVE-2020-9950
- CVE-2020-27898
- CVE-2020-27935
- CVE-2020-10006
- CVE-2020-9979
- CVE-2020-9954
- CVE-2020-36521
- CVE-2020-9961
- CVE-2020-9976
- CVE-2020-9981
- CVE-2020-9968
- CVE-2020-9951
- CVE-2020-9983
- CVE-2020-9952
- CVE-2020-10013
- CVE-2020-9946
- CVE-2020-9993
- CVE-2020-9958
- CVE-2020-9773
- CVE-2020-9992
- CVE-2020-9964
- CVE-2020-13520
- CVE-2020-6147
- CVE-2020-9972
- CVE-2020-9973
- CVE-2020-9959
Frequently Asked Questions
1
What is CVE-2020-13631?
CVE-2020-13631 is a vulnerability in SQLite that was addressed by Apple with improved checks.
2
Which software versions are affected by CVE-2020-13631?
Apple tvOS up to version 14.0, Apple macOS Big Sur up to version 11.0.1, Apple iOS up to version 14.0, Apple iPadOS up to version 14.0, Apple watchOS up to version 7.0, Apple iTunes for Windows up to version 12.10.9, and Apple iCloud for Windows up to version 11.5 are affected by CVE-2020-13631.
3
What is the severity of CVE-2020-13631?
The severity of CVE-2020-13631 is not specified.
4
How was CVE-2020-13631 addressed?
CVE-2020-13631 was addressed by Apple with improved checks.
5
Where can I find more information about CVE-2020-13631?
You can find more information about CVE-2020-13631 on the Apple support website.