freiburg-ris-ca (=0.1.0), katalyst (=0.9.1) +2 more potentially affected by CVE-2025-8709 via langgraph-checkpoint-sqlite (>=1.0.4 <=2.0.10)

langgraph-checkpoint-sqlite PYPI version =1.0.4, =0.1.0a1, =0.1.0a24 Source cves: CVE-2025-8709 Source advisory: OSV:GHSA-4H97-WPXP-3757...

EUVD-2025-35939

A SQL injection vulnerability exists in the langchain-ai/langchain repository, specifically in the LangGraph's SQLite store implementation. The affected version is langgraph-checkpoint-sqlite 2.0.10. The vulnerability arises from improper handling of filter operators $eq, $ne, $gt, $lt, $gte, $lt...

CVE-2025-8709 SQL Injection in langchain-ai/langchain

A SQL injection vulnerability exists in the langchain-ai/langchain repository, specifically in the LangGraph's SQLite store implementation. The affected version is langgraph-checkpoint-sqlite 2.0.10. The vulnerability arises from improper handling of filter operators $eq, $ne, $gt, $lt, $gte, $lt...

CVE-2025-8709 SQL Injection in langchain-ai/langchain

A SQL injection vulnerability exists in the langchain-ai/langchain repository, specifically in the LangGraph's SQLite store implementation. The affected version is langgraph-checkpoint-sqlite 2.0.10. The vulnerability arises from improper handling of filter operators $eq, $ne, $gt, $lt, $gte, $lt...

CVE-2025-8709

CVE-2025-8709 affects langgraph-checkpoint-sqlite 2.0.10 in LangGraph’s SQLite store. The root cause is improper string concatenation of filter keys in _get_filter_condition(), allowing SQL injection via filter parameters and potentially exposing all documents and sensitive fields (e.g., password...

PT-2025-43747

Name of the Vulnerable Software and Affected Versions langgraph-checkpoint-sqlite version 2.0.10 Description A SQL injection vulnerability exists in the LangGraph's SQLite store implementation within the langchain-ai/langgraph repository. The issue stems from improper handling of filter operators...

langchainlanggraph-checkpoint-sqlite SQL注入漏洞

langchainlanggraph-checkpoint-sqlite is an open source database connectivity Python library from LangChain. An SQL injection vulnerability exists in langchainlanggraph-checkpoint-sqlite version 2.0.10, which stems from improper handling of the filter operator and could lead to an SQL injection...

EUVD-2025-35887

Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0 allows a remote attacker to cause a denial of service via the setupLookaside function...

CVE-2025-52099

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-29088. Reason: This record is a duplicate of CVE-2025-29088. Notes: All CVE users should reference CVE-2025-29088 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage...

DEBIAN-CVE-2025-52099

Integer Overflow vulnerability in SQLite SQLite3 v.3.50.0 allows a remote attacker to cause a denial of service via the setupLookaside function...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the setupLookaside function in the main.c file. An attacker can cause the application to crash or become unresponsive by sending specially crafted input that triggers an integer overflow. Remediation...

PT-2025-43669

Name of the Vulnerable Software and Affected Versions SQLite version 3.50.0 Description An integer overflow exists in the setupLookaside function of SQLite version 3.50.0. This issue could allow a remote attacker to cause a denial of service or potentially achieve remote code execution...

CVE-2025-52099

...

CVE-2025-52099

...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2025-2310)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-52099

CVE-2025-52099 describes an integer overflow in SQLite3 v3.50.0 that can enable a remote denial of service via the setupLookaside function. The root cause is an overflow during memory allocation in sqlite3_db_config-related code, leading to potential exploitation that can crash the application. P...

NewStart CGSL MAIN 7.02 : sqlite Vulnerability (NS-SA-2025-0246)

The remote NewStart CGSL host, running version MAIN 7.02, has sqlite packages installed that are affected by a vulnerability: - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memo...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.10.1.10)

The version of AOS installed on the remote host is prior to 6.10.1.10. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.10.1.10 advisory. - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the numb...

EulerOS 2.0 SP13 : sqlite (EulerOS-SA-2025-2310)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. Thi...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.0.1.9)

The version of AOS installed on the remote host is prior to 7.0.1.9. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.0.1.9 advisory. - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number o...