Return to CVE list

CVE-2025-29087

3.2
Low

CVE-2025-29087

cve@mitre.org
Analyzed
View on MITREFind on GitHub

Description

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

cve@mitre.org
https://gist.github.com/ylwango613/a44a29f1ef074fa783e29f04a0afd62a
cve@mitre.org
https://sqlite.org/releaselog/3_49_1.html
cve@mitre.org
https://www.sqlite.org/cves.html