{"affected":[{"ecosystem_specific":{"binaries":[{"libsqlite3-0":"3.49.1-9.33.1","libsqlite3-0-32bit":"3.49.1-9.33.1","sqlite3":"3.49.1-9.33.1","sqlite3-devel":"3.49.1-9.33.1","sqlite3-tcl":"3.49.1-9.33.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5-LTSS","name":"sqlite3","purl":"pkg:rpm/suse/sqlite3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.49.1-9.33.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for sqlite3 fixes the following issues:\n\n- CVE-2025-3277,CVE-2025-29087: Fixed integer overflow in sqlite concat function (bsc#1241020)\n- CVE-2025-29088: Fixed integer overflow through the SQLITE_DBCONFIG_LOOKASIDE component (bsc#1241078)\n\nOther fixes:\n\n- Updated to version 3.49.1 from Factory (jsc#SLE-16032)\n","id":"SUSE-SU-2025:01455-1","modified":"2025-06-27T12:16:18Z","published":"2025-06-27T12:16:18Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202501455-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241020"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241078"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241189"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-29087"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-29088"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-3277"}],"related":["CVE-2025-29087","CVE-2025-29088","CVE-2025-3277"],"summary":"Security update for sqlite3","upstream":["CVE-2025-29087","CVE-2025-29088","CVE-2025-3277"]}