CVE-2025-29087 LOW

CVE-2025-29087

Vendor Sqlite
Product SQLite
Weakness CWE-190
Published April 7, 2025
Last update April 15, 2025

CVSS base score

3.2/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

What the vulnerability does

01Description

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.

Key dates

02Disclosure timeline

April 7, 2025 CVE published
April 15, 2025 Record updated