CVE-2025-6965
CVE Details
Visit the official vulnerability details page for CVE-2025-6965 to learn more.
Initial Publication
07/23/2025
Last Update
09/21/2025
Third Party Dependency
sqlite-libs
NIST CVE Summary
There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.
CVE Severity
Our Official Summary
A memory corruption vulnerability has been identified in SQLite versions earlier than 3.50.2. The issue occurs when the number of aggregate terms in a SQL query exceeds the number of available columns, potentially leading to crashes, unpredictable behavior, data corruption, or in some cases, arbitrary code execution.
This vulnerability has been reported in certain upstream images used by the VM Orchestrator component. It does not affect clusters that do not use this functionality.
- In the affected images, multiple security controls are already in place:
- The images are not accessible externally, limiting exposure.
- An attacker would require privileged access within the cluster to attempt exploitation.
The containers do not permit arbitrary code execution, further mitigating risk.
As a result, the practical impact of this vulnerability is low, with the containerized deployment model significantly reducing the overall attack surface.
Status
Ongoing
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.7.20 | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
| 4.6.41 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ✅ No Impact |
Revision History
| Date | Revision |
|---|---|
| 08/18/2025 | Official summary revised: A memory corruption vulnerability has been identified in SQLite versions earlier than 3.50.2. The issue occurs when the number of aggregate terms in a SQL query exceeds the number of available columns, potentially leading to crashes, unpredictable behavior, data corruption, or in some cases, arbitrary code execution.This vulnerability has been reported in certain upstream images used by the VM Orchestrator component. It does not affect clusters that do not use this functionality.- In the affected images, multiple security controls are already in place:- The images are not accessible externally, limiting exposure.- An attacker would require privileged access within the cluster to attempt exploitation.The containers do not permit arbitrary code execution, further mitigating risk.As a result, the practical impact of this vulnerability is low, with the containerized deployment model significantly reducing the overall attack surface. |
| 07/31/2025 | Status changed from Open to Ongoing |
| 07/31/2025 | Official summary added |