Primary

Context

SQLite Memory Corruption Vulnerability Due to Aggregate Term Overflow

Vulnerability

Patched

A memory corruption vulnerability has been identified in SQLite versions prior to 3.50.2. The issue arises when the number of aggregate terms in a query exceeds the available columns, leading to potential memory corruption. This vulnerability can be exploited by crafting specific SQL queries that overload the aggregate term limit.

Impact

Exploitation of this vulnerability can result in memory corruption, which may lead to undefined behavior, including potential arbitrary code execution or causing the application to crash.

Remediation

Users are advised to upgrade to SQLite version 3.50.2 or later.

Added: Jul 15, 2025, 2:20 PM

Updated: Jul 15, 2025, 2:20 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.3

threat

3.2

urgency

1.4

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.3

threat

3.2

urgency

1.4

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SQLite Memory Corruption Vulnerability Due to Aggregate Term Overflow

Vulnerability

Impact

Remediation

Affected Products

SQLite

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating