ГлавнаяУязвимости → CVE-2025-7458
9.1критическая

CVE-2025-7458

Описание

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a large number of expressions in the ORDER BY clause.

Затрагиваемое ПО
Sqlite Sqlite
CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Источники
https://sqlite.org/forum/forumpost/16ce2bb7a639e29bhttps://sqlite.org/src/info/12ad822d9b827777