rpm package
opensuse/sqlite3&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/sqlite3&distro=openSUSE%20Tumbleweed
Vulnerabilities (20)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-11824 | Hig | 7.8 | < 3.53.2-2.1 | 3.53.2-2.1 | Jun 9, 2026 | SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value sma | |
| CVE-2026-11822 | Hig | 7.8 | < 3.53.2-2.1 | 3.53.2-2.1 | Jun 9, 2026 | SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigge | |
| CVE-2025-70873 | Hig | 7.5 | < 3.51.3-1.1 | 3.51.3-1.1 | Mar 12, 2026 | An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file. | |
| CVE-2025-7709 | Med | — | < 3.51.2-1.1 | 3.51.2-1.1 | Sep 8, 2025 | An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds. | |
| CVE-2025-6965 | Cri | 9.8 | < 3.50.3-1.1 | 3.50.3-1.1 | Jul 15, 2025 | There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above. | |
| CVE-2025-29088 | — | < 3.49.1-3.1 | 3.49.1-3.1 | Apr 10, 2025 | In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect. | ||
| CVE-2025-29087 | — | < 3.49.1-3.1 | 3.49.1-3.1 | Apr 7, 2025 | In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calcu | ||
| CVE-2022-46908 | — | < 3.40.0-2.1 | 3.40.0-2.1 | Dec 12, 2022 | SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. | ||
| CVE-2022-35737 | — | < 3.39.2-1.1 | 3.39.2-1.1 | Aug 3, 2022 | SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. | ||
| CVE-2021-36690 | — | < 3.39.3-2.1 | 3.39.3-2.1 | Aug 24, 2021 | A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is in | ||
| CVE-2020-13871 | — | < 3.36.0-1.2 | 3.36.0-1.2 | Jun 6, 2020 | SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. | ||
| CVE-2020-13630 | — | < 3.36.0-1.2 | 3.36.0-1.2 | May 27, 2020 | ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | ||
| CVE-2020-13631 | — | < 3.36.0-1.2 | 3.36.0-1.2 | May 27, 2020 | SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. | ||
| CVE-2020-13632 | — | < 3.36.0-1.2 | 3.36.0-1.2 | May 27, 2020 | ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. | ||
| CVE-2020-13434 | — | < 3.36.0-1.2 | 3.36.0-1.2 | May 24, 2020 | SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. | ||
| CVE-2020-13435 | — | < 3.36.0-1.2 | 3.36.0-1.2 | May 24, 2020 | SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. | ||
| CVE-2019-16168 | Med | 6.5 | < 3.36.0-1.2 | 3.36.0-1.2 | Sep 9, 2019 | In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." | |
| CVE-2019-9937 | — | < 3.36.0-1.2 | 3.36.0-1.2 | Mar 22, 2019 | In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c. | ||
| CVE-2019-9936 | — | < 3.36.0-1.2 | 3.36.0-1.2 | Mar 22, 2019 | In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c. | ||
| CVE-2018-8740 | Hig | 7.5 | < 3.36.0-1.2 | 3.36.0-1.2 | Mar 17, 2018 | In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c. |
- affected < 3.53.2-2.1fixed 3.53.2-2.1
SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value sma
- affected < 3.53.2-2.1fixed 3.53.2-2.1
SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigge
- affected < 3.51.3-1.1fixed 3.51.3-1.1
An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.
- affected < 3.51.2-1.1fixed 3.51.2-1.1
An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds.
- affected < 3.50.3-1.1fixed 3.50.3-1.1
There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.
- CVE-2025-29088Apr 10, 2025affected < 3.49.1-3.1fixed 3.49.1-3.1
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
- CVE-2025-29087Apr 7, 2025affected < 3.49.1-3.1fixed 3.49.1-3.1
In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calcu
- CVE-2022-46908Dec 12, 2022affected < 3.40.0-2.1fixed 3.40.0-2.1
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.
- CVE-2022-35737Aug 3, 2022affected < 3.39.2-1.1fixed 3.39.2-1.1
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
- CVE-2021-36690Aug 24, 2021affected < 3.39.3-2.1fixed 3.39.3-2.1
A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is in
- CVE-2020-13871Jun 6, 2020affected < 3.36.0-1.2fixed 3.36.0-1.2
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
- CVE-2020-13630May 27, 2020affected < 3.36.0-1.2fixed 3.36.0-1.2
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
- CVE-2020-13631May 27, 2020affected < 3.36.0-1.2fixed 3.36.0-1.2
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
- CVE-2020-13632May 27, 2020affected < 3.36.0-1.2fixed 3.36.0-1.2
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
- CVE-2020-13434May 24, 2020affected < 3.36.0-1.2fixed 3.36.0-1.2
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
- CVE-2020-13435May 24, 2020affected < 3.36.0-1.2fixed 3.36.0-1.2
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
- affected < 3.36.0-1.2fixed 3.36.0-1.2
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
- CVE-2019-9937Mar 22, 2019affected < 3.36.0-1.2fixed 3.36.0-1.2
In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.
- CVE-2019-9936Mar 22, 2019affected < 3.36.0-1.2fixed 3.36.0-1.2
In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.
- affected < 3.36.0-1.2fixed 3.36.0-1.2
In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.