Description
An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.
Remediation
References
Related Vulnerabilities
Craft CMS Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2026-28782)
WordPress Plugin Appointment Hour Booking-WordPress Booking Cross-Site Scripting (1.3.16)
WordPress Plugin Matrix Gallery 'upload.php' Arbitrary File Upload (2.1)
WebLogic CVE-2020-2934 Vulnerability (CVE-2020-2934)
phpMyFAQ Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-6048)