pkg:Bitnami/sqlite

26 total CVEsCRITICAL5HIGH12MEDIUM9

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2025-6965Integer Truncation on SQLite
    from 0
  • CRITICAL9.8CVE-2025-3277An integer overflow can be triggered in SQLite’s `concat_ws()` function.
    from 0
  • CRITICAL9.8CVE-2020-35527In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.
    >= 3.31.1, < 3.31.2
  • CRITICAL9.8CVE-2020-11656In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a comp…
    from 0, < 3.31.2
  • CRITICAL9.1CVE-2025-7458SQLite integer overflow in key info allocation may lead to information disclosure.
    >= 3.39.2, < 3.41.2
  • HIGH7.5CVE-2025-70873An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to o…
    from 0, < 3.51.1
  • HIGH7.5CVE-2025-29087In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-alloc…
    from 0
  • HIGH7.5CVE-2021-31239An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function.
    >= 3.35.4, < 3.35.5
  • HIGH7.5CVE-2020-35525sqlite3 - security update
    >= 3.31.1, < 3.31.2
  • HIGH7.5CVE-2022-35737`libsqlite3-sys` via C SQLite CVE-2022-35737
    >= 1.0.12, < 3.39.2
  • HIGH7.5CVE-2021-36690sqlite3 - security update
    >= 3.36.0, < 3.36.1
  • HIGH7.5CVE-2020-13871SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
    >= 3.32.2, < 3.32.3
  • HIGH7.5CVE-2020-11655sqlite3 - security update
    from 0, < 3.31.2
  • HIGH7.5CVE-2020-9327In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generate…
    >= 3.31.1, < 3.31.2
  • HIGH7.3CVE-2023-7104SQLite SQLite3 make alltest sqlite3session.c sessionReadRecord heap-based overflow
    from 0, < 3.43.1
  • HIGH7.3CVE-2022-46908SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctio…
    >= 3.37.0, < 3.40.1
  • HIGH7.0CVE-2020-13630ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
    from 0, < 3.32.0
  • MEDIUM5.5CVE-2025-29088In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (applica…
    >= 3.49.0
  • MEDIUM5.5CVE-2024-0232Sqlite: use-after-free bug in jsonparseaddnodearray
    >= 3.43.0
  • MEDIUM5.5CVE-2021-20227A flaw was found in SQLite's SELECT query functionality (src/select.c).
    >= 3.33.0, < 3.34.1
  • MEDIUM5.5CVE-2020-15358In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse…
    from 0, < 3.32.3
  • MEDIUM5.5CVE-2020-13632ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
    from 0, < 3.32.0
  • MEDIUM5.5CVE-2020-13631SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
    from 0, < 3.32.0
  • MEDIUM5.5CVE-2020-13435SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
    from 0, < 3.32.1
  • MEDIUM5.5CVE-2020-13434sqlite3 - security update
    from 0, < 3.32.1
  • MEDIUM4.3CVE-2021-45346A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Da…
    >= 3.35.1, < 3.35.2, >= 3.37.0, < 3.37.1
Bitnami/sqlite — 26 CVEs · VulnScope