DevGuard Logo

🛡️ DevGuard
Group
/🧩 DevGuard Action
Repository

Overview
Compliance
Artifacts
Code Risks
Dependency Risks
License Risks
Dependencies

CVE-2025-7458

An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a large number of expressions in the ORDER BY clause.

Open
LOW (2.2)
  • logo

    System detected CVE-2025-7458

    attesting
  • logo

    System detected CVE-2025-7458

    attest
  • logo

    System updated the risk assessment from 0 to 4.5

    attest

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 0 to 4.5

    attesting

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 4.5 to 2.2

    attest

    System recalculated raw risk assessment

  • logo

    System updated the risk assessment from 4.5 to 2.2

    attesting

    System recalculated raw risk assessment

  • logo

    System fixed CVE-2025-7458

    attesting
  • logo

    System fixed CVE-2025-7458

    attest
  • logo

    System detected CVE-2025-7458 with a risk of 2.2

    attesting

Add a comment

Mark as False Positive
Last calculated at:

Affected component

debian/sqlite3

Installed version:
3.40.1
Fixed in:
no patch available
Show in dependency graph

Management decisions across the organization

GitHubImprintTerms of UsePrivacy
Copyright © 2025 L3montree GmbH and the DevGuard Contributors. All rights reserved. Version 2ab7b793efd72421aea8c3a994ac60202bf1b3a5