SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
{ "severity": "High", "cpes": [ "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*" ] }