VYPR

rpm package

suse/sqlite3&distro=SUSE Linux Micro 6.2

pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Micro%206.2

Vulnerabilities (4)

  • CVE-2026-11824HigJun 9, 2026
    affected < 3.53.2-160000.1.1fixed 3.53.2-160000.1.1

    SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value sma

  • CVE-2026-11822HigJun 9, 2026
    affected < 3.53.2-160000.1.1fixed 3.53.2-160000.1.1

    SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigge

  • CVE-2025-70873HigMar 12, 2026
    affected < 3.51.3-160000.1.1fixed 3.51.3-160000.1.1

    An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.

  • CVE-2025-7709MedSep 8, 2025
    affected < 3.51.3-160000.1.1fixed 3.51.3-160000.1.1

    An integer overflow exists in the FTS5 https://sqlite.org/fts5.html  extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds.