Headline
GHSA-6phf-6h5g-97j2: Sqlite-jdbc vulnerable to remote code execution when JDBC url is attacker controlled
Summary
Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL.
Impacted versions:
3.6.14.1-3.41.2.1
References
https://github.com/xerial/sqlite-jdbc/releases/tag/3.41.2.2
High severity GitHub Reviewed Published May 23, 2023 in xerial/sqlite-jdbc • Updated May 23, 2023
Related news
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 254138
SQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. This issue impacts versions 3.6.14.1 through 3.41.2.1 and has been fixed in version 3.41.2.2.
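To check a build against the affected range stated above, the following added example (not part of the advisory or of the sqlite-jdbc project) scans a dependency listing for `org.xerial:sqlite-jdbc` and reports versions from 3.6.14.1 through 3.41.2.1. It assumes Maven or Gradle style coordinates and a numeric, component-wise version comparison; the sample listing is constructed.

```python
import re

# Range and fixed version as stated in the advisory text.
FIRST_AFFECTED = (3, 6, 14, 1)
LAST_AFFECTED = (3, 41, 2, 1)
FIXED = "3.41.2.2"

# Matches coordinates such as "org.xerial:sqlite-jdbc:jar:3.40.0.0:compile"
# (Maven listing) or "org.xerial:sqlite-jdbc:3.40.0.0" (Gradle notation).
COORD = re.compile(r"org\.xerial:sqlite-jdbc:(?:jar:)?(\d+(?:\.\d+)*)")


def parse_version(text):
    """Turn '3.41.2.1' into (3, 41, 2, 1), padding short versions with zeros."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def is_affected(version):
    """True when the version lies inside the advisory's inclusive range."""
    return FIRST_AFFECTED <= parse_version(version) <= LAST_AFFECTED


def scan(dependency_listing):
    """Return the affected sqlite-jdbc versions found in a dependency listing."""
    found = {m.group(1) for m in COORD.finditer(dependency_listing)}
    return sorted((v for v in found if is_affected(v)), key=parse_version)


# Constructed sample input in the style of `mvn dependency:list` output.
SAMPLE = """\
[INFO]    org.slf4j:slf4j-api:jar:2.0.7:compile
[INFO]    org.xerial:sqlite-jdbc:jar:3.40.0.0:compile
[INFO]    org.xerial:sqlite-jdbc:jar:3.41.2.2:test
"""

if __name__ == "__main__":
    for v in scan(SAMPLE):
        print(f"sqlite-jdbc {v} is in the affected range; upgrade to {FIXED} or later")
```

Transitive dependencies count as well, so run it over the fully resolved dependency list rather than only the declared ones.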