sqlite: Multiple vulnerabilities (CVE-2019-19242, CVE-2019-19244)
CVE-2019-19242: SQL injection in sqlite3ExprCodeTarget in expr.c
SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.
CVE-2019-19244: Input validation error
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.