High severity7.5NVD Advisory· Published Mar 12, 2026· Updated Apr 16, 2026
CVE-2025-70873
CVE-2025-70873
Description
An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
17- osv-coords15 versionspkg:bitnami/sqlitepkg:rpm/opensuse/sqlite3&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/sqlite3&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/sqlite3&distro=openSUSE%20Tumbleweedpkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Micro%206.2
< 3.51.1+ 14 more
- (no CPE)range: < 3.51.1
- (no CPE)range: < 3.51.3-150000.3.39.1
- (no CPE)range: < 3.51.3-160000.1.1
- (no CPE)range: < 3.51.3-1.1
- (no CPE)range: < 3.51.3-150000.3.39.1
- (no CPE)range: < 3.51.3-150000.3.39.1
- (no CPE)range: < 3.51.3-150000.3.39.1
- (no CPE)range: < 3.51.3-150000.3.39.1
- (no CPE)range: < 3.51.3-150000.3.39.1
- (no CPE)range: < 3.51.3-160000.1.1
- (no CPE)range: < 3.51.3-160000.1.1
- (no CPE)range: < 3.51.3-9.47.1
- (no CPE)range: < 3.51.3-1.1
- (no CPE)range: < 3.51.3-slfo.1.1_1.1
- (no CPE)range: < 3.51.3-160000.1.1
Patches
Vulnerability mechanics
References
3- sqlite.org/src/info/3d459f1fb1bd1b5envdIssue TrackingPatch
- gist.github.com/cnwangjihe/f496393f30f5ecec5b18c8f5ab072054nvdExploitThird Party Advisory
- sqlite.org/forum/forumpost/761eac3c82nvdIssue Tracking
News mentions
0No linked articles in our index yet.