VYPR

rpm package

opensuse/sqlite3&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/sqlite3&distro=openSUSE%20Leap%2016.0

Vulnerabilities (2)

  • CVE-2025-70873HigMar 12, 2026
    affected < 3.51.3-160000.1.1fixed 3.51.3-160000.1.1

    An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.

  • CVE-2025-7709MedSep 8, 2025
    affected < 3.51.3-160000.1.1fixed 3.51.3-160000.1.1

    An integer overflow exists in the FTS5 https://sqlite.org/fts5.html  extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds.