SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).
http://seclists.org/fulldisclosure/2019/Jan/62
http://seclists.org/fulldisclosure/2019/Jan/64
http://seclists.org/fulldisclosure/2019/Jan/66
http://seclists.org/fulldisclosure/2019/Jan/67
http://seclists.org/fulldisclosure/2019/Jan/68
http://seclists.org/fulldisclosure/2019/Jan/69
https://seclists.org/bugtraq/2019/Jan/28
https://seclists.org/bugtraq/2019/Jan/29
https://seclists.org/bugtraq/2019/Jan/31
https://seclists.org/bugtraq/2019/Jan/32
https://seclists.org/bugtraq/2019/Jan/33
https://seclists.org/bugtraq/2019/Jan/39
https://security.netapp.com/advisory/ntap-20190502-0004/
https://support.apple.com/kb/HT209443
https://support.apple.com/kb/HT209446
https://support.apple.com/kb/HT209447
https://support.apple.com/kb/HT209448
https://support.apple.com/kb/HT209450