MGASA-2026-0195 Updated sqlite3 packages fix bug & security vulnerability

sqlite3 shipped in Mageia 9 lacks ICU support. This update brings sqlite3-icu to allow ICU support be loaded as an optional extension. This update fixes CVE-2025-70873, an information disclosure issue. The zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows...

EulerOS 2.0 SP13 : sqlite (EulerOS-SA-2026-2357)

According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain...

OESA-2026-1772 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

OESA-2026-1771 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

OESA-2026-1770 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

OESA-2026-1767 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2026:0955-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0955-1 advisory. Update to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose...

Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to 3.51.3: CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption bug:...

CVE-2025-70873

A flaw was found in SQLite. This information disclosure vulnerability exists within the zipfile extension, specifically in the zipfileInflate function. A remote attacker could exploit this by providing a specially crafted ZIP file. Successful exploitation could lead to the disclosure of sensitive...

EUVD-2025-208623

An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file...

Use of Uninitialized Resource

Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource in the zipfileInflate function of the zipfile extension. An attacker can access sensitive heap memory contents by supplying a specially crafted ZIP file. Remediation Upgrade sqlite3 to version 3.51.3 or...

CVE-2025-70873

An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file...

CVE-2025-70873

An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file...

CVE-2025-70873

An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file...

CVE-2025-70873

An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file...

SQLite 安全漏洞

SQLite is a lightweight database developed under the open-source SQLite project. It is an ACID-compliant relational database management system. SQLite versions prior to 3.51.1 have a security vulnerability. This vulnerability stems from the zipfileInflate function in the zipfile extension, which...

CVE-2025-70873

The CVE-2025-70873 issue is an information disclosure in the zipfileInflate function of the SQLite zipfile extension, affecting SQLite 3.51.1 and earlier. Vulnerable code path can reveal uninitialized heap memory when processing crafted ZIP inputs. Public references indicate remediation via updat...

SQLite report about CVE-2025-70873

When using the zipfile extension not a part of standard SQLite but usually included in builds of the CLI, a malformed ZIP file input can result in an out-of-bounds read. Reported by forum post 2025-12-06T16:46:32Z and fixed in trunk by check-in 2025-12-06T23:58:09.413Z...

SQLite report about CVE-2019-19925

Malicious SQL statement causes a NULL pointer dereference and in the Zipfile virtual table extension and denial-of-service. This is only possible when the optional Zipfile virtual table extension is deployed, which is not the case in default builds. details...