Information on source package sqlite3

Available versions

ReleaseVersion
jessie3.8.7.1-1+deb8u2
jessie (security)3.8.7.1-1+deb8u4
stretch3.16.2-5+deb9u1
buster3.27.2-3
bullseye3.30.1-1
sid3.30.1-1

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-9937vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIn SQLite 3.27.2, interleaving reads and writes in a single transactio ...
CVE-2019-9936vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIn SQLite 3.27.2, running fts5 prefix queries inside a transaction cou ...
CVE-2019-8457vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedSQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-o ...
CVE-2019-5827vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedInteger overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3 ...
CVE-2019-16168vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedIn SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can cras ...
CVE-2018-8740fixedvulnerable (no DSA)fixedfixedfixedIn SQLite through 3.22.0, databases whose schema is corrupted using a ...
CVE-2018-20506vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedSQLite before 3.25.3, when the FTS3 extension is enabled, encounters a ...
CVE-2018-20505vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedSQLite 3.25.2, when queries are run on a table with a malformed PRIMAR ...
CVE-2018-20346fixedvulnerable (no DSA)fixedfixedfixedSQLite before 3.25.3, when the FTS3 extension is enabled, encounters a ...

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2017-13685vulnerablevulnerablefixedfixedfixedThe dump_callback function in SQLite 3.20.0 allows remote attackers to ...

Resolved issues

BugDescription
TEMP-0566326-9A899Fsqlite: info leak
CVE-2019-5018An exploitable use after free vulnerability exists in the window funct ...
CVE-2017-2520An issue was discovered in certain Apple products. iOS before 10.3.2 i ...
CVE-2017-2519An issue was discovered in certain Apple products. iOS before 10.3.2 i ...
CVE-2017-2518An issue was discovered in certain Apple products. iOS before 10.3.2 i ...
CVE-2017-2513An issue was discovered in certain Apple products. iOS before 10.3.2 i ...
CVE-2017-15286SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in she ...
CVE-2017-10989The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3 ...
CVE-2016-6153os_unix.c in SQLite before 3.13.0 improperly implements the temporary ...
CVE-2015-3416The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does n ...
CVE-2015-3415The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not ...
CVE-2015-3414SQLite before 3.8.9 does not properly implement the dequoting of colla ...
CVE-2013-7443Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows r ...

Security announcements

DSA / DLADescription
DLA-1633-1sqlite3 - security update
DLA-1613-1sqlite3 - security update
DLA-1018-1sqlite3 - security update
DLA-543-1sqlite3 - security update
DSA-3252-2sqlite3 - security update
DSA-3252-1sqlite3 - security update

Search for package or bug name: Reporting problems