CVE-2025-7458

ADVISORY - nist

Summary

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a large number of expressions in the ORDER BY clause.

EPSS Score⁠: 0.0008 (0.236)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-190⁠

Integer Overflow or Wraparound

ADVISORY - redhat

CWE-190⁠

Integer Overflow or Wraparound

Impacted images

Advisories

NIST

CREATED

9 months ago

UPDATED

8 months ago

ADVISORY IDCVE-2025-7458⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-190⁠

CVSS SCORE

6.9medium

Debian

CREATED

9 months ago

UPDATED

2 hours ago

ADVISORY IDCVE-2025-7458⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

9 months ago

UPDATED

8 months ago

ADVISORY IDCVE-2025-7458⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.1medium

Bitnami

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

BIT-sqlite-2025-7458

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.9medium

Red Hat

CREATED

9 months ago

UPDATED

3 months ago

ADVISORY IDCVE-2025-7458⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-190⁠

CVSS SCORE

6.1medium