CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

DEBIAN-CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

UBUNTU-CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

CVE-2025-29088

Technical details for CVE-2025-29088 are not publicly available in the provided documents. The connected Astra Linux entry contains a rejection/duplicate note and omits specifics. Monitor for official disclosures or vendor advisories to obtain exact affected products, versions, and fixes.

CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

SQLite -- application crash

[email protected] reports: In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

SQLite 输入验证错误漏洞

SQLite is a lightweight database from the SQLite open source, an ACID-compliant relational database management system. A security vulnerability exists in SQLite version 3.49.0 that stems from an issue with the SQLITEDBCONFIGLOOKASIDE component that could lead to a denial of service...

CVE-2025-29087

A flaw was found in SQLite. This vulnerability allows an attacker to cause an integer overflow via the concatws function. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and...

Siemens SIDIS Prime

SUMMARY SIDIS Prime before V4.0.700 is affected by multiple vulnerabilities in the components OpenSSL, SQLite, Boost C++ Libraries and several Microsoft components as described below. Siemens has released a new version of SIDIS Prime and recommends to update to the latest version. 2. GENERAL...

DEBIAN-CVE-2025-29087

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...

ALPINE-CVE-2025-29087

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...

CVE-2025-29087

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...

CVE-2025-29087

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...

UBUNTU-CVE-2025-29087

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...

SQLite 安全漏洞

SQLite is a lightweight database from the SQLite open source, a relational database management system that adheres to ACID. A security vulnerability exists in SQLite version 3.49.0, which stems from a concat function that could lead to an integer overflow...

CVE-2025-29087

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...

CVE-2025-29087

CVE-2025-29087 concerns SQLite: concat_ws() can write beyond the end of a malloc’d buffer in versions 3.44.0–3.49.0 when a large, attacker-controlled separator is supplied, triggering an integer overflow while sizing the result buffer. This may lead to memory corruption or a crash. A fix is avail...