Published
2025-01-01
·
Updated
2025-09-08
·
CVE-2025-7709
6.9
Medium
| Base vector | Vector | AV:N/AC:H/AT:P/PR:L/UI:A/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L |
Name of the Vulnerable Software and Affected Versions:
SQLite FTS5 extension (affected versions not specified)
Description:
An integer overflow exists in the FTS5 extension. The issue occurs when calculating the size of an array of tombstone pointers, leading to truncation into a 32-bit integer. This allows writing a pointer to partially controlled data out of bounds.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Integer Overflow