Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/sqlite3@3.40.1-2%2Bdeb12u2
purl pkg:deb/debian/sqlite3@3.40.1-2%2Bdeb12u2
Next non-vulnerable version 3.46.1-7+deb13u1
Latest non-vulnerable version 3.46.1-7+deb13u1
Risk 3.1
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-2k32-4p92-1ygz
Aliases:
CVE-2025-7709
An integer overflow exists in the FTS5 https://sqlite.org/fts5.html  extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds.
3.46.1-7+deb13u1
Affected by 0 other vulnerabilities.
VCID-6xmb-3zgw-xudu
Aliases:
CVE-2025-29088
sqlite: Denial of Service in SQLite
3.46.1-7+deb13u1
Affected by 0 other vulnerabilities.
VCID-jree-ndwj-kfcy
Aliases:
CVE-2025-7458
sqlite: SQLite integer overflow
3.46.1-7+deb13u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-7es8-7d9x-xfgm Improper Validation of Array Index SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-35737
GHSA-jw36-hf63-69r9
VCID-bgz9-v5cv-8kea A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library. CVE-2021-36690
VCID-fyxk-hw7d-ruc4 sqlite: Integer Truncation in SQLite CVE-2025-6965
VCID-jqy9-zum8-aqfn sqlite: heap-buffer-overflow at sessionfuzz CVE-2023-7104

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:24:56.472888+00:00 Debian Importer Affected by VCID-2k32-4p92-1ygz https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T13:02:41.189844+00:00 Debian Importer Fixing VCID-7es8-7d9x-xfgm https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:31:42.800084+00:00 Debian Importer Affected by VCID-jree-ndwj-kfcy https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:46:44.934012+00:00 Debian Importer Affected by VCID-6xmb-3zgw-xudu https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:56:02.900460+00:00 Debian Importer Fixing VCID-fyxk-hw7d-ruc4 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-15T18:41:25.332829+00:00 Debian Oval Importer Fixing VCID-bgz9-v5cv-8kea https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:23:07.763820+00:00 Debian Oval Importer Fixing VCID-jqy9-zum8-aqfn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-13T09:15:14.942941+00:00 Debian Importer Affected by VCID-2k32-4p92-1ygz https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:58:00.393347+00:00 Debian Importer Fixing VCID-7es8-7d9x-xfgm https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:34:44.675175+00:00 Debian Importer Affected by VCID-jree-ndwj-kfcy https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:17:35.711971+00:00 Debian Importer Affected by VCID-6xmb-3zgw-xudu https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:39:02.652471+00:00 Debian Importer Fixing VCID-fyxk-hw7d-ruc4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:25:49.794925+00:00 Debian Oval Importer Fixing VCID-bgz9-v5cv-8kea https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:11:21.099445+00:00 Debian Oval Importer Fixing VCID-jqy9-zum8-aqfn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T20:08:47.624811+00:00 Debian Importer Affected by VCID-2k32-4p92-1ygz https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-08T19:58:03.241039+00:00 Debian Importer Fixing VCID-7es8-7d9x-xfgm https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-08T19:42:46.050365+00:00 Debian Importer Affected by VCID-jree-ndwj-kfcy https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-08T18:50:56.001001+00:00 Debian Importer Affected by VCID-6xmb-3zgw-xudu https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-08T18:25:20.015287+00:00 Debian Importer Fixing VCID-fyxk-hw7d-ruc4 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-08T18:11:41.133421+00:00 Debian Oval Importer Fixing VCID-bgz9-v5cv-8kea https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:06:21.939514+00:00 Debian Oval Importer Fixing VCID-jqy9-zum8-aqfn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0