CVE-2025-6965: SQLitePCLRaw.lib.e_sqlite3 has a vulnerable dependency on SQLite
(updated )
There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.
References
- cert-portal.siemens.com/productcert/html/ssa-225816.html
- cert-portal.siemens.com/productcert/html/ssa-485750.html
- github.com/advisories/GHSA-2m69-gcr7-jv3q
- github.com/github/advisory-database/pull/7675
- github.com/google/security-research/security/advisories/GHSA-qj7j-3jp8-8ccv
- nvd.nist.gov/vuln/detail/CVE-2025-6965
- www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8
Code Behaviors & Features
Detect and mitigate CVE-2025-6965 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →