Information on source package sqlite3

Available versions

ReleaseVersion
jessie3.8.7.1-1+deb8u8
stretch3.16.2-5+deb9u4
stretch (security)3.16.2-5+deb9u3
buster3.27.2-3+deb10u3
buster (security)3.27.2-3+deb10u2
bullseye3.34.1-3
bullseye (security)3.34.1-3+deb11u1
bookworm3.40.1-2+deb12u1
trixie3.46.1-1
sid3.46.1-1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-7104vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedfixedA vulnerability was found in SQLite SQLite3 up to 3.43.0 and classifie ...
CVE-2020-13631vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedSQLite before 3.32.0 allows a virtual table to be renamed to the name ...
CVE-2019-19924fixedfixedvulnerable (no DSA, ignored)fixedfixedfixedfixedSQLite 3.30.1 mishandles certain parser-tree rewriting, related to exp ...
CVE-2019-19645vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedalter.c in SQLite through 3.30.1 allows attackers to trigger infinite ...
CVE-2019-19603fixedfixedvulnerable (no DSA, ignored)fixedfixedfixedfixedSQLite 3.30.1 mishandles certain SELECT statements with a nonexistent ...
CVE-2019-8457vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedSQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-o ...
CVE-2019-5827vulnerable (no DSA)fixedfixedfixedfixedfixedfixedInteger overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3 ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2022-35737vulnerablevulnerablevulnerablevulnerablefixedfixedfixedSQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-b ...
CVE-2021-45346vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableA Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 an ...
CVE-2020-11656vulnerablevulnerablevulnerablefixedfixedfixedfixedIn SQLite through 3.31.1, the ALTER TABLE implementation has a use-aft ...
CVE-2017-13685vulnerablevulnerablefixedfixedfixedfixedfixedThe dump_callback function in SQLite 3.20.0 allows remote attackers to ...

Resolved issues

BugDescription
TEMP-0566326-9A899Fsqlite: info leak
CVE-2024-0232A heap use-after-free issue has been identified in SQLite in the jsonP ...
CVE-2022-46908SQLite through 3.40.0, when relying on --safe for execution of an untr ...
CVE-2021-36690A segmentation fault can occur in the sqlite3.exe command-line compone ...
CVE-2021-31239An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacke ...
CVE-2021-20227A flaw was found in SQLite's SELECT query functionality (src/select.c) ...
CVE-2020-35527In SQLite 3.31.1, there is an out of bounds access problem through ALT ...
CVE-2020-35525In SQlite 3.31.1, a potential null pointer derreference was found in t ...
CVE-2020-24736Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before all ...
CVE-2020-15358In SQLite before 3.32.3, select.c mishandles query-flattener optimizat ...
CVE-2020-13871SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c bec ...
CVE-2020-13632ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer der ...
CVE-2020-13630ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3Ev ...
CVE-2020-13435SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarge ...
CVE-2020-13434SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf ...
CVE-2020-11655SQLite through 3.31.1 allows attackers to cause a denial of service (s ...
CVE-2020-9327In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger ...
CVE-2019-20218selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack u ...
CVE-2019-19959ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT ...
CVE-2019-19926multiSelect in select.c in SQLite 3.30.1 mishandles certain errors dur ...
CVE-2019-19925zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL ...
CVE-2019-19923flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses o ...
CVE-2019-19880exprListAppendList in window.c in SQLite 3.30.1 allows attackers to tr ...
CVE-2019-19646pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_ ...
CVE-2019-19317lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed b ...
CVE-2019-19244sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-sel ...
CVE-2019-19242SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLU ...
CVE-2019-16168In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can cras ...
CVE-2019-9937In SQLite 3.27.2, interleaving reads and writes in a single transactio ...
CVE-2019-9936In SQLite 3.27.2, running fts5 prefix queries inside a transaction cou ...
CVE-2019-5018An exploitable use after free vulnerability exists in the window funct ...
CVE-2018-20506SQLite before 3.25.3, when the FTS3 extension is enabled, encounters a ...
CVE-2018-20505SQLite 3.25.2, when queries are run on a table with a malformed PRIMAR ...
CVE-2018-20346SQLite before 3.25.3, when the FTS3 extension is enabled, encounters a ...
CVE-2018-8740In SQLite through 3.22.0, databases whose schema is corrupted using a ...
CVE-2017-15286SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in she ...
CVE-2017-10989The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3 ...
CVE-2017-2520An issue was discovered in certain Apple products. iOS before 10.3.2 i ...
CVE-2017-2519An issue was discovered in certain Apple products. iOS before 10.3.2 i ...
CVE-2017-2518An issue was discovered in certain Apple products. iOS before 10.3.2 i ...
CVE-2017-2513An issue was discovered in certain Apple products. iOS before 10.3.2 i ...
CVE-2016-6153os_unix.c in SQLite before 3.13.0 improperly implements the temporary ...
CVE-2015-3416The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does n ...
CVE-2015-3415The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not ...
CVE-2015-3414SQLite before 3.8.9 does not properly implement the dequoting of colla ...
CVE-2013-7443Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows r ...

Security announcements

DSA / DLADescription
DLA-3907-1sqlite3 - security update
ELA-1191-1sqlite3 - security update
ELA-678-1sqlite3 - security update
DLA-3107-1sqlite3 - security update
ELA-666-1sqlite3 - security update
DLA-2340-2sqlite3 - regression update
DLA-2340-1sqlite3 - security update
DLA-2221-1sqlite3 - security update
DLA-2203-1sqlite3 - security update
ELA-123-1sqlite3 - security update
DLA-1633-1sqlite3 - security update
ELA-74-1sqlite3 - security update
DLA-1613-1sqlite3 - security update
DLA-1018-1sqlite3 - security update
DLA-543-1sqlite3 - security update
DSA-3252-2sqlite3 - security update
DSA-3252-1sqlite3 - security update

Search for package or bug name: Reporting problems