[moyix]

Note that the vulnerable extension is only enabled in the sqlite shell:

> However, the generate_series extension is only enabled by default in the shell binary and not the library itself, so the impact of the issue is limited.

https://project-zero.issues.chromium.org/issues/372435124

[bawolff]

Yeah, this seems pretty misleading by the blog post. Quite a big difference between finding a vuln in sqlite vs an sqlite extension.