CVE-2025-6965

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-6965
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-6965.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-6965
Aliases
Downstream
Related
Published
2025-07-15T14:15:31Z
Modified
2025-07-31T04:51:36.004907Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.

References

Affected packages

Alpine:v3.21 / sqlite

Package

Name
sqlite
Purl
pkg:apk/alpine/sqlite?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.48.0-r3

Affected versions

3.*

3.6.10-r0
3.6.15-r0
3.6.22-r0
3.6.22-r1
3.6.22-r2
3.7.0-r2
3.7.0.1-r2
3.7.1-r2
3.7.2-r2
3.7.3-r2
3.7.4-r2
3.7.5-r2
3.7.6-r2
3.7.6.1-r2
3.7.6.2-r2
3.7.6.3-r2
3.7.7-r2
3.7.7.1-r2
3.7.8-r2
3.7.9-r2
3.7.10-r2
3.7.11-r2
3.7.12-r2
3.7.12.1-r2
3.7.13-r2
3.7.14-r2
3.7.14.1-r2
3.7.15-r2
3.7.15.1-r2
3.7.15.2-r2
3.7.16.1-r2
3.7.16.2-r2
3.7.17-r2
3.8.0-r2
3.8.0.1-r2
3.8.0.2-r2
3.8.1-r2
3.8.2-r2
3.8.3-r2
3.8.3.1-r2
3.8.4-r2
3.8.4.1-r2
3.8.4.2-r2
3.8.4.3-r2
3.8.5-r2
3.8.6-r2
3.8.7-r2
3.8.7.1-r2
3.8.7.2-r2
3.8.7.3-r2
3.8.7.4-r2
3.8.8.1-r2
3.8.8.2-r2
3.8.8.3-r2
3.8.9-r2
3.8.10-r2
3.8.10.1-r2
3.8.10.2-r2
3.8.11-r2
3.8.11.1-r2
3.9.0-r2
3.9.1-r2
3.9.2-r2
3.10.2-r2
3.11.0-r2
3.11.1-r2
3.12.0-r2
3.12.1-r2
3.12.2-r2
3.13.0-r2
3.14.1-r2
3.14.2-r2
3.15.0-r2
3.15.1-r2
3.15.2-r2
3.16.0-r2
3.16.2-r2
3.17.0-r2
3.18.0-r2
3.19.3-r2
3.20.0-r2
3.20.1-r2
3.21.0-r2
3.22.0-r2
3.23.0-r2
3.23.1-r0
3.23.1-r2
3.24.0-r0
3.24.0-r1
3.26.0-r0
3.26.0-r1
3.26.0-r2
3.26.0-r3
3.27.2-r0
3.28.0-r0
3.29.0-r0
3.30.0-r0
3.30.1-r0
3.30.1-r1
3.31.1-r0
3.31.1-r1
3.31.1-r2
3.31.1-r3
3.32.0-r0
3.32.1-r0
3.32.2-r0
3.32.3-r0
3.33.0-r0
3.34.0-r0
3.34.0-r1
3.34.1-r0
3.34.1-r1
3.35.0-r0
3.35.2-r0
3.35.3-r0
3.35.4-r0
3.35.5-r0
3.36.0-r0
3.37.0-r0
3.37.1-r0
3.37.2-r0
3.38.0-r0
3.38.2-r0
3.38.3-r0
3.38.4-r0
3.38.5-r0
3.39.0-r0
3.39.1-r0
3.39.2-r0
3.39.3-r0
3.39.4-r0
3.40.0-r0
3.40.1-r0
3.41.0-r0
3.41.0-r1
3.41.1-r0
3.41.2-r0
3.41.2-r1
3.41.2-r2
3.41.2-r3
3.42.0-r0
3.42.0-r1
3.42.0-r2
3.43.0-r0
3.43.1-r0
3.43.1-r1
3.43.2-r0
3.44.0-r0
3.44.1-r0
3.44.2-r0
3.45.0-r0
3.45.1-r0
3.45.2-r0
3.45.3-r0
3.45.3-r1
3.46.0-r0
3.46.1-r0
3.47.0-r0
3.47.1-r0
3.48.0-r0
3.48.0-r1
3.48.0-r2

Alpine:v3.22 / sqlite

Package

Name
sqlite
Purl
pkg:apk/alpine/sqlite?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.49.2-r1

Affected versions

3.*

3.6.10-r0
3.6.15-r0
3.6.22-r0
3.6.22-r1
3.6.22-r2
3.7.0-r2
3.7.0.1-r2
3.7.1-r2
3.7.2-r2
3.7.3-r2
3.7.4-r2
3.7.5-r2
3.7.6-r2
3.7.6.1-r2
3.7.6.2-r2
3.7.6.3-r2
3.7.7-r2
3.7.7.1-r2
3.7.8-r2
3.7.9-r2
3.7.10-r2
3.7.11-r2
3.7.12-r2
3.7.12.1-r2
3.7.13-r2
3.7.14-r2
3.7.14.1-r2
3.7.15-r2
3.7.15.1-r2
3.7.15.2-r2
3.7.16.1-r2
3.7.16.2-r2
3.7.17-r2
3.8.0-r2
3.8.0.1-r2
3.8.0.2-r2
3.8.1-r2
3.8.2-r2
3.8.3-r2
3.8.3.1-r2
3.8.4-r2
3.8.4.1-r2
3.8.4.2-r2
3.8.4.3-r2
3.8.5-r2
3.8.6-r2
3.8.7-r2
3.8.7.1-r2
3.8.7.2-r2
3.8.7.3-r2
3.8.7.4-r2
3.8.8.1-r2
3.8.8.2-r2
3.8.8.3-r2
3.8.9-r2
3.8.10-r2
3.8.10.1-r2
3.8.10.2-r2
3.8.11-r2
3.8.11.1-r2
3.9.0-r2
3.9.1-r2
3.9.2-r2
3.10.2-r2
3.11.0-r2
3.11.1-r2
3.12.0-r2
3.12.1-r2
3.12.2-r2
3.13.0-r2
3.14.1-r2
3.14.2-r2
3.15.0-r2
3.15.1-r2
3.15.2-r2
3.16.0-r2
3.16.2-r2
3.17.0-r2
3.18.0-r2
3.19.3-r2
3.20.0-r2
3.20.1-r2
3.21.0-r2
3.22.0-r2
3.23.0-r2
3.23.1-r0
3.23.1-r2
3.24.0-r0
3.24.0-r1
3.26.0-r0
3.26.0-r1
3.26.0-r2
3.26.0-r3
3.27.2-r0
3.28.0-r0
3.29.0-r0
3.30.0-r0
3.30.1-r0
3.30.1-r1
3.31.1-r0
3.31.1-r1
3.31.1-r2
3.31.1-r3
3.32.0-r0
3.32.1-r0
3.32.2-r0
3.32.3-r0
3.33.0-r0
3.34.0-r0
3.34.0-r1
3.34.1-r0
3.34.1-r1
3.35.0-r0
3.35.2-r0
3.35.3-r0
3.35.4-r0
3.35.5-r0
3.36.0-r0
3.37.0-r0
3.37.1-r0
3.37.2-r0
3.38.0-r0
3.38.2-r0
3.38.3-r0
3.38.4-r0
3.38.5-r0
3.39.0-r0
3.39.1-r0
3.39.2-r0
3.39.3-r0
3.39.4-r0
3.40.0-r0
3.40.1-r0
3.41.0-r0
3.41.0-r1
3.41.1-r0
3.41.2-r0
3.41.2-r1
3.41.2-r2
3.41.2-r3
3.42.0-r0
3.42.0-r1
3.42.0-r2
3.43.0-r0
3.43.1-r0
3.43.1-r1
3.43.2-r0
3.44.0-r0
3.44.1-r0
3.44.2-r0
3.45.0-r0
3.45.1-r0
3.45.2-r0
3.45.3-r0
3.45.3-r1
3.46.0-r0
3.46.1-r0
3.47.0-r0
3.47.1-r0
3.47.2-r0
3.48.0-r0
3.48.0-r1
3.49.0-r0
3.49.0-r1
3.49.1-r0
3.49.1-r1
3.49.2-r0

Debian:11 / sqlite3

Package

Name
sqlite3
Purl
pkg:deb/debian/sqlite3?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.34.1-3
3.34.1-3+deb11u1
3.35.5-1
3.36.0-1
3.36.0-2
3.37.0-1
3.37.0-2
3.37.1-1
3.37.2-1
3.37.2-2
3.38.0-1
3.38.1-1
3.38.2-1
3.38.3-1
3.38.5-1
3.39.0-1
3.39.0-2
3.39.0-3
3.39.1-1
3.39.2-1
3.39.3-1
3.39.4-1
3.40.0-1
3.40.0-2
3.40.1-1
3.40.1-2
3.42.0-1
3.43.0-1
3.43.1-1
3.43.2-1
3.44.0-1
3.44.2-1
3.45.0-1
3.45.1-1
3.45.2-1
3.45.3-1
3.45.3-2~exp1
3.46.0-1
3.46.1-1
3.46.1-2~exp
3.46.1-2
3.46.1-3
3.46.1-4
3.46.1-5
3.46.1-6
3.46.1-7

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / sqlite3

Package

Name
sqlite3
Purl
pkg:deb/debian/sqlite3?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.40.1-2
3.40.1-2+deb12u1
3.42.0-1
3.43.0-1
3.43.1-1
3.43.2-1
3.44.0-1
3.44.2-1
3.45.0-1
3.45.1-1
3.45.2-1
3.45.3-1
3.45.3-2~exp1
3.46.0-1
3.46.1-1
3.46.1-2~exp
3.46.1-2
3.46.1-3
3.46.1-4
3.46.1-5
3.46.1-6
3.46.1-7

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / sqlite3

Package

Name
sqlite3
Purl
pkg:deb/debian/sqlite3?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.46.1-7

Affected versions

3.*

3.46.1-6

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/sqlite/sqlite

Affected ranges

Type
GIT
Repo
https://github.com/sqlite/sqlite
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
9d7c5df7f0e42528bf514b5231d58273bea47e40

Affected versions

Other

cvs-to-fossil-cutover
experimental
fts3-refactor
major-relase
major-release
relase

same-as-3.*

same-as-3.35.3

version-3.*

version-3.10.0
version-3.11.0
version-3.11.1
version-3.12.0
version-3.13.0
version-3.14.0
version-3.15.0
version-3.16.0
version-3.19.0
version-3.19.1
version-3.19.2
version-3.21.0
version-3.22.0
version-3.23.0
version-3.23.1
version-3.24.0
version-3.25.0
version-3.26.0
version-3.27.0
version-3.28.0
version-3.29.0
version-3.30.0
version-3.31.0
version-3.31.1
version-3.32.0
version-3.32.1
version-3.33.0
version-3.34.0
version-3.35.0
version-3.35.1
version-3.35.2
version-3.36.0
version-3.37.0
version-3.38.0
version-3.39.0
version-3.40.0
version-3.41.0
version-3.42.0
version-3.43.0
version-3.44.0
version-3.45.0
version-3.46.0
version-3.47.0
version-3.48.0
version-3.49.0
version-3.50.0
version-3.50.1
version-3.6.10
version-3.6.15
version-3.7.10
version-3.7.11
version-3.7.12
version-3.7.12.1
version-3.7.13
version-3.7.14
version-3.7.15
version-3.7.16
version-3.7.16.1
version-3.7.16.2
version-3.7.17
version-3.7.2
version-3.7.4
version-3.7.5
version-3.7.6
version-3.7.6.1
version-3.7.7
version-3.7.8
version-3.7.9
version-3.8.0
version-3.8.1
version-3.8.10
version-3.8.10.1
version-3.8.11
version-3.8.11.1
version-3.8.2
version-3.8.3
version-3.8.4
version-3.8.4.1
version-3.8.5
version-3.8.6
version-3.8.7
version-3.8.7.1
version-3.8.8
version-3.8.9
version-3.9.0
version-3.9.1