CVE-2025-29088
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-29088
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-29088.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-29088
- Aliases
- Related
- Published
- 2025-04-10T14:15:27Z
- Modified
- 2025-04-16T08:27:21.235517Z
- Summary
- [none]
- Details
-
In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.
- References
-
- https://github.com/sqlite/sqlite/commit/56d2fd008b108109f489339f5fd55212bb50afd4
- https://gist.github.com/ylwango613/d3883fb9f6ba8a78086356779ce88248
- https://sqlite.org/forum/forumpost/48f365daec
- https://sqlite.org/releaselog/3_49_1.html
- https://www.sqlite.org/cves.html
- https://security-tracker.debian.org/tracker/CVE-2025-29088
Affected packages
Debian:11 / sqlite3
Package
- Name
- sqlite3
- Purl
- pkg:deb/debian/sqlite3?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.34.1-3
3.34.1-3+deb11u1
3.35.5-1
3.36.0-1
3.36.0-2
3.37.0-1
3.37.0-2
3.37.1-1
3.37.2-1
3.37.2-2
3.38.0-1
3.38.1-1
3.38.2-1
3.38.3-1
3.38.5-1
3.39.0-1
3.39.0-2
3.39.0-3
3.39.1-1
3.39.2-1
3.39.3-1
3.39.4-1
3.40.0-1
3.40.0-2
3.40.1-1
3.40.1-2
3.42.0-1
3.43.0-1
3.43.1-1
3.43.2-1
3.44.0-1
3.44.2-1
3.45.0-1
3.45.1-1
3.45.2-1
3.45.3-1
3.45.3-2~exp1
3.46.0-1
3.46.1-1
3.46.1-2~exp
3.46.1-2
3.46.1-3
Debian:12 / sqlite3
Package
- Name
- sqlite3
- Purl
- pkg:deb/debian/sqlite3?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:13 / sqlite3
Package
- Name
- sqlite3
- Purl
- pkg:deb/debian/sqlite3?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Git / github.com/sqlite/sqlite
Affected ranges
- Type
- GIT
- Repo
- https://github.com/sqlite/sqlite
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
cvs-to-fossil-cutover
experimental
fts3-refactor
major-relase
major-release
relase
same-as-3.*
same-as-3.35.3
version-3.*
version-3.10.0
version-3.11.0
version-3.11.1
version-3.12.0
version-3.13.0
version-3.14.0
version-3.15.0
version-3.16.0
version-3.19.0
version-3.19.1
version-3.19.2
version-3.21.0
version-3.22.0
version-3.23.0
version-3.23.1
version-3.24.0
version-3.25.0
version-3.26.0
version-3.27.0
version-3.28.0
version-3.29.0
version-3.30.0
version-3.31.0
version-3.31.1
version-3.32.0
version-3.32.1
version-3.33.0
version-3.34.0
version-3.35.0
version-3.35.1
version-3.35.2
version-3.36.0
version-3.37.0
version-3.38.0
version-3.39.0
version-3.40.0
version-3.41.0
version-3.42.0
version-3.43.0
version-3.44.0
version-3.45.0
version-3.46.0
version-3.47.0
version-3.48.0
version-3.49.0
version-3.6.10
version-3.6.15
version-3.7.10
version-3.7.11
version-3.7.12
version-3.7.12.1
version-3.7.13
version-3.7.14
version-3.7.15
version-3.7.16
version-3.7.16.1
version-3.7.16.2
version-3.7.17
version-3.7.2
version-3.7.4
version-3.7.5
version-3.7.6
version-3.7.6.1
version-3.7.7
version-3.7.8
version-3.7.9
version-3.8.0
version-3.8.1
version-3.8.10
version-3.8.10.1
version-3.8.11
version-3.8.11.1
version-3.8.2
version-3.8.3
version-3.8.4
version-3.8.4.1
version-3.8.5
version-3.8.6
version-3.8.7
version-3.8.7.1
version-3.8.8
version-3.8.9
version-3.9.0
version-3.9.1