Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-6phf-6h5g-97j2: Sqlite-jdbc vulnerable to remote code execution when JDBC url is attacker controlled

Summary

Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL.

Impacted versions :

3.6.14.1-3.41.2.1

References

https://github.com/xerial/sqlite-jdbc/releases/tag/3.41.2.2

ghsa
#sql#vulnerability#git#rce

Sqlite-jdbc vulnerable to remote code execution when JDBC url is attacker controlled

High severity GitHub Reviewed Published May 23, 2023 in xerial/sqlite-jdbc • Updated May 23, 2023

Related news

CVE-2023-30994: Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities

IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 254138

CVE-2023-32697: Release Release 3.41.2.2 · xerial/sqlite-jdbc

SQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. This issue impacting versions 3.6.14.1 through 3.41.2.1 and has been fixed in version 3.41.2.2.

ghsa: Latest News

GHSA-x52f-h5g4-8qv5: Marp Core allows XSS by improper neutralization of HTML sanitization