SQLite 3.31

Status EOLSupport 2020-01 – 2020-05Latest 3.31.1Vulnerabilities 29← All SQLite versions
Critical 9.8 Unfixed
2025-07-15≤ 3.31.1

Integer Truncation on SQLite

CVE
Critical 9.8
2019-12-09< 3.31.0

sqlite: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns

CVE
Critical 9.8
2019-12-05< 3.31.0

sqlite: omits bits from the colUsed bitmask in the case of a generated column

CVE
Critical 9.8 Unfixed
2020-04-09≤ 3.31.1

sqlite: use-after-free in the ALTER TABLE implementation

CVE
Critical 9.8
2022-09-01= 3.31.1

sqlite: Out of bounds access during table rename

CVE
High 7.5 Unfixed
2026-03-12≤ 3.31.1

sqlite: SQLite: Information Disclosure via Crafted ZIP File

CVE
High 7.5 Unfixed
2022-08-03≤ 3.31.1

sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API

CVE
High 7.5 Unfixed
2020-06-06≤ 3.31.1

sqlite: use-after-free in resetAccumulator in select.c

CVE
High 7.5
2020-01-02< 3.31.0

sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error

CVE
High 7.5
2020-01-03< 3.31.0

sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames

CVE
High 7.5
2019-12-23< 3.31.0

sqlite: error mishandling because of incomplete fix of CVE-2019-19880

CVE
High 7.5
2019-12-24< 3.31.0

sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive

CVE
High 7.5
2019-12-24< 3.31.0

sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference

CVE
High 7.5 Unfixed
2020-02-21≤ 3.31.1

sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations

CVE
High 7.5 Unfixed
2020-04-09≤ 3.31.1

sqlite: malformed window-function query leads to DoS

CVE
High 7.5
2022-09-01= 3.31.1

sqlite: Null pointer derreference in src/select.c

CVE
High 7.0 Unfixed
2020-05-27≤ 3.31.1

sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c

CVE
Medium 5.5 Unfixed
2023-12-25≤ 3.31.1

SQLite SQLite3 make alltest sqlite3session.c sessionReadRecord heap-based overflow

CVE
Medium 5.5 Unfixed
2021-03-23≤ 3.31.1

sqlite: potential use-after-free bug when processing a subquery with both a correlated WHERE clause and a "HAVING 0" clause and where the parent query is an aggregate

CVE
Medium 5.5 Unfixed
2020-06-27≤ 3.31.1

sqlite: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization in select.c

CVE
Medium 5.5 Unfixed
2020-05-27≤ 3.31.1

sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query

CVE
Medium 5.5 Unfixed
2020-05-27≤ 3.31.1

sqlite: Virtual table can be renamed into the name of one of its shadow tables

CVE
Medium 5.5 Unfixed
2020-05-24≤ 3.31.1

sqlite: NULL pointer dereference in sqlite3ExprCodeTarget()

CVE
Medium 5.5 Unfixed
2020-05-24≤ 3.31.1

sqlite: integer overflow in sqlite3_str_vappendf function in printf.c

CVE
Medium 5.5
2019-12-09< 3.31.0

sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements

CVE
Medium 5.3
2019-12-24< 3.31.0

sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting

CVE
Medium 4.7 Unfixed
2024-01-16≤ 3.31.1

Sqlite: use-after-free bug in jsonparseaddnodearray

CVE
N/A Unfixed
0000-00-00≤ 3.31.1

CVE
N/A
2020-02-11< 3.31.0

CVE