MGASA-2026-0195 Updated sqlite3 packages fix bug & security vulnerability

sqlite3 shipped in Mageia 9 lacks ICU support. This update brings sqlite3-icu to allow ICU support be loaded as an optional extension. This update fixes CVE-2025-70873, an information disclosure issue. The zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows...

Updated sqlite3 packages fix bug & security vulnerability

sqlite3 shipped in Mageia 9 lacks ICU support. This update brings sqlite3-icu to allow ICU support be loaded as an optional extension. This update fixes CVE-2025-70873, an information disclosure issue. The zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows...

EulerOS 2.0 SP13 : sqlite (EulerOS-SA-2026-2357)

According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain...

EulerOS 2.0 SP11 : sqlite (EulerOS-SA-2026-2265)

According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain...

SUSE CVE-2024-0450

An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython...

Astra Linux – Vulnerability in SQLite3

The ext/misc/zipfile.c file in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \0' characters in filenames, resulting in a memory-management error that can be detected using tools like valgrind...

PT-2026-33220

Name of the Vulnerable Software and Affected Versions gdown versions prior to 5.2.2 Description A Path Traversal issue exists within the extractall function in the gdown/extractall.py file. The software fails to sanitize or validate the filenames of members within ZIP or TAR archives during...

GHSA-4PH2-F6PF-79WV PraisonAI Has Arbitrary File Write (Zip Slip) in Templates Extraction

The PraisonAI templates installation feature is vulnerable to a "Zip Slip" Arbitrary File Write attack. When downloading and extracting template archives from external sources e.g., GitHub, the application uses Python's zipfile.extractall without verifying if the files within the archive resolve...

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Validation of Specified Index, Position, or Offset in Input in zipfile (CVE-2025-8291)

Summary zipfile is used by IBM Storage Ceph. CVE-2025-8291 This bulletin identifies the steps to take to address the vulnerability in Ceph. Vulnerability Details CVEID:CVE-2025-8291 DESCRIPTION: The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator...

OESA-2026-1772 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

OESA-2026-1771 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

OESA-2026-1770 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

OESA-2026-1767 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sqlite3 (SUSE-SU-2026:1065-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1065-1 advisory. Update sqlite3 to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. -...

SUSE-SU-2026:1065-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Update sqlite3 to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database...

SQLite <= 3.51.1 Information Disclosure

The version of SQLite installed on the remote host is prior to 3.51.2. It is, therefore, affected by an information disclosure issue where the zipfileInflate function, responsible for decompressing ZIP file contents, fails to properly validate or sanitize data during the inflation process. When...

SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2026:0955-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0955-1 advisory. Update to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose...

SUSE-SU-2026:20771-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to sqlite3 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Update to version 3.51.3: Fix the...

Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to 3.51.3: CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption bug:...

SUSE-SU-2026:0955-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption bug...