CVE-2025-6965

High CVSS: 7.2

There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.

Vendor

Sqlite

Product

Sqlite

CWE

CWE-197

Yayın Tarihi

2025-07-15 14:15:31

Güncelleme

2025-11-04 22:16:43

Source Identifier

cve-coordination@google.com

KEV Date Added

Kategoriler

CWE-197 Sqlite HIGH Sqlite 2025

Referanslar

https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8 http://seclists.org/fulldisclosure/2025/Sep/49 http://seclists.org/fulldisclosure/2025/Sep/53 http://seclists.org/fulldisclosure/2025/Sep/56 http://seclists.org/fulldisclosure/2025/Sep/57 http://seclists.org/fulldisclosure/2025/Sep/58 http://www.openwall.com/lists/oss-security/2025/09/06/1

Benzer Kayıtlar

Medium

CVE-2025-7458

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attack…

Medium

CVE-2025-3277

An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used t…

Medium

CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial…

Low

CVE-2025-29087

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the en…