rpm package
opensuse/sqlite3&distro=openSUSE Leap 16.0
pkg:rpm/opensuse/sqlite3&distro=openSUSE%20Leap%2016.0
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-70873 | Hig | 7.5 | < 3.51.3-160000.1.1 | 3.51.3-160000.1.1 | Mar 12, 2026 | An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file. | |
| CVE-2025-7709 | Med | — | < 3.51.3-160000.1.1 | 3.51.3-160000.1.1 | Sep 8, 2025 | An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds. |
- affected < 3.51.3-160000.1.1fixed 3.51.3-160000.1.1
An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.
- affected < 3.51.3-160000.1.1fixed 3.51.3-160000.1.1
An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds.