CVE-2025-70873

EUVD-2025-208623
An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
sqlite
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
noble
dne
questing
dne
trusty
needs-triage
xenial
needs-triage
sqlite3
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
noble
needs-triage
questing
needs-triage
trusty
needs-triage
xenial
needs-triage
References
https://gist.github.com/cnwangjihe/f496393f30f5ecec5b18c8f5ab072054
https://sqlite.org/forum/forumpost/761eac3c82
https://sqlite.org/src/info/3d459f1fb1bd1b5e