Ghost Sqlite3 vulnerabilities
62 known vulnerabilities affecting ghost/sqlite3.
Total CVEs
62
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL9HIGH32MEDIUM21
Vulnerabilities
Page 2 of 4
CVE-2019-9936P3HIGHCVSS 7.5≥ 0, < 3.27.2-22019-03-22
CVE-2019-9936 [HIGH] CVE-2019-9936: In SQLite 3
In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.
osv
CVE-2018-20505P3HIGHCVSS 7.5≥ 0, < 3.25.3-12019-04-03
CVE-2018-20505 [HIGH] CVE-2018-20505: SQLite 3
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).
osv
CVE-2018-8740P3HIGHCVSS 7.5≥ 0, < 3.11.0-1ubuntu1.5≥ 0, < 3.22.0-1ubuntu0.4+1 more2020-06-10
CVE-2018-8740 [HIGH] sqlite3 vulnerabilities
sqlite3 vulnerabilities
It was discovered that SQLite incorrectly handled certain corruped schemas.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 18.04 LTS. (CVE-2018-8740)
It was discovered that SQLite incorrectly handled certain SELECT
statements. An attacker could possibly use this issue to cause a denial of
service. This issue was only addressed in Ubuntu 19.10. (CVE-2019-19603)
It was d
osv
CVE-2019-19925P3HIGHCVSS 7.5≥ 0, < 3.30.1+fossil191229-12019-12-24
CVE-2019-19925 [HIGH] CVE-2019-19925: zipfileUpdate in ext/misc/zipfile
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
osv
CVE-2025-29087P3HIGHCVSS 7.5≥ 0, < 3.46.1-32025-04-07
CVE-2025-29087 [HIGH] CVE-2025-29087: In SQLite 3
In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.
osv
CVE-2015-3416P3HIGHCVSS 7.5≥ 0, < 3.8.9-12015-04-24
CVE-2015-3416 [HIGH] CVE-2015-3416: The sqlite3VXPrintf function in printf
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
osv
CVE-2019-19603P3HIGHCVSS 7.5≥ 0, < 3.30.1+fossil191229-12019-12-09
CVE-2019-19603 [HIGH] CVE-2019-19603: SQLite 3
SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.
osv
CVE-2019-19880P3HIGHCVSS 7.5≥ 0, < 3.30.1+fossil191229-12019-12-18
CVE-2019-19880 [HIGH] CVE-2019-19880: exprListAppendList in window
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
osv
CVE-2019-19923P3HIGHCVSS 7.5≥ 0, < 3.30.1+fossil191229-12019-12-24
CVE-2019-19923 [HIGH] CVE-2019-19923: flattenSubquery in select
flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).
osv
CVE-2019-9937P3HIGHCVSS 7.5≥ 0, < 3.27.2-22019-03-22
CVE-2019-9937 [HIGH] CVE-2019-9937: In SQLite 3
In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.
osv
CVE-2019-19959P3HIGHCVSS 7.5≥ 0, < 3.30.1+fossil191229-12020-01-03
CVE-2019-19959 [HIGH] CVE-2019-19959: ext/misc/zipfile
ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.
osv
CVE-2020-13871P3HIGHCVSS 7.5≥ 0, < 3.32.2-22020-06-06
CVE-2020-13871 [HIGH] CVE-2020-13871: SQLite 3
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
osv
CVE-2020-9327P3HIGHCVSS 7.5≥ 0, < 3.31.1-32020-02-21
CVE-2020-9327 [HIGH] CVE-2020-9327: In SQLite 3
In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.
osv
CVE-2019-20218P3HIGHCVSS 7.5≥ 0, < 3.30.1+fossil191229-12020-01-02
CVE-2019-20218 [HIGH] CVE-2019-20218: selectExpander in select
selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.
osv
CVE-2022-46908P3HIGHCVSS 7.3≥ 0, < 3.31.1-4ubuntu0.6≥ 0, < 3.37.2-2ubuntu0.32024-01-03
CVE-2022-46908 [HIGH] sqlite3 vulnerabilities
sqlite3 vulnerabilities
It was discovered that SQLite incorrectly handled certain protection
mechanisms when using a CLI script with the --safe option, contrary to
expectations. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-46908)
It was discovered that SQLite incorrectly handled certain memory operations
in the sessions extension. A remote attacker could possibly use this issue
to cause SQLite to crash, resulting in a denial of service. (CV
osv
CVE-2020-11655P3HIGHCVSS 7.5≥ 0, < 3.31.1-52020-04-09
CVE-2020-11655 [HIGH] CVE-2020-11655: SQLite through 3
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
osv
CVE-2019-19244P3HIGHCVSS 7.5≥ 0, < 3.30.1+fossil191229-12019-11-25
CVE-2019-19244 [HIGH] CVE-2019-19244: sqlite3Select in select
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.
osv
CVE-2022-21227P3HIGHCVSS 7.5fixed in 5.0.3≥ unspecified, < 5.0.32022-05-01
CVE-2022-21227 [HIGH] CVE-2022-21227: The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toS
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine.
ghsanvdosv
CVE-2015-3415P3HIGHCVSS 7.5≥ 0, < 3.8.9-12015-04-24
CVE-2015-3415 [HIGH] CVE-2015-3415: The sqlite3VdbeExec function in vdbe
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement.
osv
CVE-2017-15286P4HIGHCVSS 7.5≥ 0, < 3.20.1-22017-10-12
CVE-2017-15286 [HIGH] CVE-2017-15286: SQLite 3
SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.
osv