Name of the Vulnerable Software and Affected Versions:

SQLite versions 3.39.2 through 3.41.1

Description:

An integer overflow in the `sqlite3KeyInfoFromExprList` function allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a large number of expressions in the ORDER BY clause.

Recommendations:

Update to a version later than 3.41.1.