BIT-sqlite-2025-29087

BIT-sqlite-2025-29087 PUBLISHED CVSS 7.5 HIGH

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Bitnami	sqlite	0, 0, 0

Exploit Intelligence

v2.5.json (github-poc)

Timeline

Apr 11, 2025 CVE Published
Feb 11, 2026 CVE Updated

References

https://gist.github.com/ylwango613/a44a29f1ef074fa783e29f04a0afd62a url
https://nvd.nist.gov/vuln/detail/CVE-2025-29087 url
https://sqlite.org/releaselog/3_49_1.html url
https://www.sqlite.org/cves.html url
https://sqlite.org/src/info/498e3f1cf57f164f url

Open in Interactive Console →