{"id":2392054,"name":"sqlite3","ecosystem":"npm","description":"Asynchronous, non-blocking SQLite3 bindings","homepage":"https://github.com/TryGhost/node-sqlite3","licenses":"BSD-3-Clause","normalized_licenses":["BSD-3-Clause"],"repository_url":"https://github.com/TryGhost/node-sqlite3","keywords_array":["sql","sqlite","sqlite3","database"],"namespace":null,"versions_count":103,"first_release_published_at":"2011-02-24T15:45:52.177Z","latest_release_published_at":"2024-01-05T08:48:16.555Z","latest_release_number":"5.1.7","last_synced_at":"2026-03-19T22:03:38.104Z","created_at":"2022-04-10T01:08:21.827Z","updated_at":"2026-06-02T13:13:56.728Z","registry_url":"https://www.npmjs.com/package/sqlite3","install_command":"npm install sqlite3","documentation_url":null,"metadata":{"funding":null,"dist-tags":{"latest":"5.1.7","alpha":"3.1.10-alpha"}},"repo_metadata":{"id":37235035,"uuid":"1367055","full_name":"TryGhost/node-sqlite3","owner":"TryGhost","description":"SQLite3 bindings for Node.js","archived":false,"fork":false,"pushed_at":"2025-10-14T06:33:21.000Z","size":91949,"stargazers_count":6402,"open_issues_count":172,"forks_count":845,"subscribers_count":176,"default_branch":"master","last_synced_at":"2025-10-24T00:30:55.576Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"PLpgSQL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TryGhost.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"tryghost","open_collective":"ghost"}},"created_at":"2011-02-14T21:50:01.000Z","updated_at":"2025-10-23T14:13:58.000Z","dependencies_parsed_at":"2023-10-16T13:18:00.946Z","dependency_job_id":"4b57bcd4-0c67-4675-9b58-70c738aa09f0","html_url":"https://github.com/TryGhost/node-sqlite3","commit_stats":{"total_commits":1313,"total_committers":99,"mean_commits":"13.262626262626263","dds":0.7974105102817974,"last_synced_commit":"1609684658a881aeff583daf3d810e499bf7bb74"},"previous_names":["mapbox/node-sqlite3","developmentseed/node-sqlite3"],"tags_count":109,"template":false,"template_full_name":null,"purl":"pkg:github/TryGhost/node-sqlite3","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TryGhost%2Fnode-sqlite3","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TryGhost%2Fnode-sqlite3/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TryGhost%2Fnode-sqlite3/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TryGhost%2Fnode-sqlite3/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TryGhost","download_url":"https://codeload.github.com/TryGhost/node-sqlite3/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TryGhost%2Fnode-sqlite3/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":281114804,"owners_count":26446046,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-26T02:00:06.575Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"tags":[]},"repo_metadata_updated_at":"2025-10-31T03:42:00.575Z","dependent_packages_count":6166,"downloads":3995188,"downloads_period":"last-month","dependent_repos_count":146342,"rankings":{"downloads":0.16066143412679978,"dependent_repos_count":0.09057866862292827,"dependent_packages_count":0.01606901801339794,"stargazers_count":1.289866504592811,"forks_count":1.3733573051067234,"docker_downloads_count":0.04265907465453049,"average":0.49553200085286514},"purl":"pkg:npm/sqlite3","advisories":[{"uuid":"GSA_kwCzR0hTQS1qcXY1LTd4cHgtcWo3NM4AAyEw","url":"https://github.com/advisories/GHSA-jqv5-7xpx-qj74","title":"sqlite vulnerable to code execution due to Object coercion","description":"### Impact\n\nDue to the underlying implementation of `.ToString()`, it's possible to execute arbitrary JavaScript, or to achieve a denial-of-service, if a binding parameter is a crafted Object.\n\nUsers of `sqlite3` v5.0.0 - v5.1.4 are affected by this.\n\n### Patches\n\nFixed in v5.1.5. All users are recommended to upgrade to v5.1.5 or later.\n\n### Workarounds\n\n* Ensure there is sufficient sanitization in the parent application to protect against invalid values being supplied to binding parameters.\n\n### References\n\n* Commit: https://github.com/TryGhost/node-sqlite3/commit/edb1934dd222ae55632e120d8f64552d5191c781\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Email us at [security@ghost.org](mailto:security@ghost.org)\n\nCredits: Dave McDaniel of Cisco Talos","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-13T20:00:52.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.1,"cvss_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","references":["https://github.com/TryGhost/node-sqlite3/security/advisories/GHSA-jqv5-7xpx-qj74","https://github.com/TryGhost/node-sqlite3/commit/edb1934dd222ae55632e120d8f64552d5191c781","https://nvd.nist.gov/vuln/detail/CVE-2022-43441","https://talosintelligence.com/vulnerability_reports/TALOS-2022-1645","https://github.com/advisories/GHSA-jqv5-7xpx-qj74"],"source_kind":"github","identifiers":["GHSA-jqv5-7xpx-qj74","CVE-2022-43441"],"repository_url":"https://github.com/TryGhost/node-sqlite3","blast_radius":0.0,"created_at":"2023-03-13T21:03:14.526Z","updated_at":"2026-06-02T13:09:58.155Z","epss_percentage":0.06854,"epss_percentile":0.91504,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1qcXY1LTd4cHgtcWo3NM4AAyEw","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS1qcXY1LTd4cHgtcWo3NM4AAyEw","packages":[{"ecosystem":"npm","package_name":"sqlite3","versions":[{"first_patched_version":"5.1.5","vulnerable_version_range":"\u003e= 5.0.0, \u003c 5.1.5"}],"purl":"pkg:npm/sqlite3"}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1qcXY1LTd4cHgtcWo3NM4AAyEw/related_packages","related_advisories":[]},{"uuid":"GSA_kwCzR0hTQS05cXJoLXFqbWMtNXcycM1BjA","url":"https://github.com/advisories/GHSA-9qrh-qjmc-5w2p","title":"Denial-of-Service when binding invalid parameters in sqlite3","description":"Affected versions of sqlite3 will experience a fatal error when supplying a specific object in the parameter array. This error causes the application to crash and could not be caught. Users of `sqlite3` v5.0.0, v5.0.1 and v5.0.2 are affected by this. This issue is fixed in v5.0.3. All users are recommended to upgrade to v5.0.3 or later. Ensure there is sufficient sanitization in the parent application to protect against invalid values being supplied to binding parameters as a workaround.\n","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-04-28T20:25:23.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.5,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","references":["https://github.com/TryGhost/node-sqlite3/security/advisories/GHSA-9qrh-qjmc-5w2p","https://github.com/TryGhost/node-sqlite3/issues/1440","https://github.com/TryGhost/node-sqlite3/issues/1449","https://github.com/TryGhost/node-sqlite3/commit/593c9d498be2510d286349134537e3bf89401c4a","https://security.snyk.io/vuln/SNYK-JS-SQLITE3-2388645","https://nvd.nist.gov/vuln/detail/CVE-2022-21227","https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2805470","https://snyk.io/vuln/SNYK-JS-SQLITE3-2388645","https://github.com/advisories/GHSA-9qrh-qjmc-5w2p"],"source_kind":"github","identifiers":["GHSA-9qrh-qjmc-5w2p","CVE-2022-21227"],"repository_url":"https://github.com/TryGhost/node-sqlite3","blast_radius":0.0,"created_at":"2022-12-21T16:12:29.575Z","updated_at":"2026-06-02T13:11:18.693Z","epss_percentage":0.0025,"epss_percentile":0.48362,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS05cXJoLXFqbWMtNXcycM1BjA","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS05cXJoLXFqbWMtNXcycM1BjA","packages":[{"ecosystem":"npm","package_name":"sqlite3","versions":[{"first_patched_version":"5.0.3","vulnerable_version_range":"\u003e= 5.0.0, \u003c 5.0.3"}],"purl":"pkg:npm/sqlite3"}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS05cXJoLXFqbWMtNXcycM1BjA/related_packages","related_advisories":[]}],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/sqlite3","docker_dependents_count":2462,"docker_downloads_count":1510583745,"usage_url":"https://repos.ecosyste.ms/usage/npm/sqlite3","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/sqlite3/dependencies","status":null,"funding_links":["https://github.com/sponsors/tryghost","https://opencollective.com/ghost"],"critical":null,"issue_metadata":{"last_synced_at":"2025-10-29T02:02:58.443Z","issues_count":194,"pull_requests_count":119,"avg_time_to_close_issue":29024223.776470587,"avg_time_to_close_pull_request":36027097.75,"issues_closed_count":85,"pull_requests_closed_count":80,"pull_request_authors_count":36,"issue_authors_count":187,"avg_comments_per_issue":3.365979381443299,"avg_comments_per_pull_request":1.3949579831932772,"merged_pull_requests_count":22,"bot_issues_count":2,"bot_pull_requests_count":46,"past_year_issues_count":28,"past_year_pull_requests_count":27,"past_year_avg_time_to_close_issue":47419.0,"past_year_avg_time_to_close_pull_request":6506985.7,"past_year_issues_closed_count":4,"past_year_pull_requests_closed_count":10,"past_year_pull_request_authors_count":10,"past_year_issue_authors_count":28,"past_year_avg_comments_per_issue":0.8571428571428571,"past_year_avg_comments_per_pull_request":0.3333333333333333,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":10,"past_year_merged_pull_requests_count":0,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/TryGhost%2Fnode-sqlite3/issues","maintainers":[{"login":"daniellockyer","count":13,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/daniellockyer"},{"login":"kewde","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/kewde"}],"active_maintainers":[{"login":"daniellockyer","count":4,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/daniellockyer"},{"login":"kewde","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/kewde"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/sqlite3/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/sqlite3/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/sqlite3/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/sqlite3/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/sqlite3/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/sqlite3/codemeta","maintainers":[{"uuid":"erisds","login":"erisds","name":null,"email":"github.erisds@gmail.com","url":null,"packages_count":259,"html_url":"https://www.npmjs.com/~erisds","role":null,"created_at":"2022-11-10T11:36:06.310Z","updated_at":"2022-11-10T11:36:06.310Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/erisds/packages"},{"uuid":"daniellockyer","login":"daniellockyer","name":null,"email":"hi@daniellockyer.com","url":null,"packages_count":15,"html_url":"https://www.npmjs.com/~daniellockyer","role":null,"created_at":"2022-11-10T11:36:06.336Z","updated_at":"2022-11-10T11:36:06.336Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/daniellockyer/packages"},{"uuid":"kkaefer","login":"kkaefer","name":null,"email":"mail@kkaefer.com","url":null,"packages_count":40,"html_url":"https://www.npmjs.com/~kkaefer","role":null,"created_at":"2022-11-10T11:36:06.202Z","updated_at":"2022-11-10T11:36:06.202Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/kkaefer/packages"},{"uuid":"tmcw","login":"tmcw","name":null,"email":"tom@macwright.org","url":null,"packages_count":471,"html_url":"https://www.npmjs.com/~tmcw","role":null,"created_at":"2022-11-10T11:36:06.293Z","updated_at":"2022-11-10T11:36:06.293Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/tmcw/packages"},{"uuid":"yhahn","login":"yhahn","name":null,"email":"young@mapbox.com","url":null,"packages_count":42,"html_url":"https://www.npmjs.com/~yhahn","role":null,"created_at":"2022-11-10T11:36:06.318Z","updated_at":"2022-11-10T11:36:06.318Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/yhahn/packages"},{"uuid":"springmeyer","login":"springmeyer","name":null,"email":"dane@mapbox.com","url":null,"packages_count":42,"html_url":"https://www.npmjs.com/~springmeyer","role":null,"created_at":"2022-11-10T11:36:06.196Z","updated_at":"2022-11-10T11:36:06.196Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/springmeyer/packages"},{"uuid":"mapsam","login":"mapsam","name":null,"email":"sam@mapbox.com","url":null,"packages_count":16,"html_url":"https://www.npmjs.com/~mapsam","role":null,"created_at":"2022-11-10T11:36:06.323Z","updated_at":"2022-11-10T11:36:06.323Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/mapsam/packages"},{"uuid":"zmully","login":"zmully","name":null,"email":"mully@mapbox.com","url":null,"packages_count":2,"html_url":"https://www.npmjs.com/~zmully","role":null,"created_at":"2022-11-10T11:36:06.327Z","updated_at":"2022-11-10T11:36:06.327Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/zmully/packages"},{"uuid":"kewde_","login":"kewde_","name":null,"email":"kewde@particl.io","url":null,"packages_count":3,"html_url":"https://www.npmjs.com/~kewde_","role":null,"created_at":"2022-11-10T11:36:06.331Z","updated_at":"2022-11-10T11:36:06.331Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/kewde_/packages"}]}