Description

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.

INFO

Published Date :

2025-04-07T00:00:00.000Z

Last Modified :

2025-04-15T15:14:39.726Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-29087 vulnerability.

Vendors Products
Sqlite
  • Sqlite
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-29087.

URL Resource
https://gist.github.com/ylwango613/a44a29f1ef074fa783e29f04a0afd62a cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-29087 cve-icon
https://sqlite.org/releaselog/3_49_1.html cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-29087 cve-icon
https://www.sqlite.org/cves.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact