CVE Daily

CVE-2023-7104

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as criti...

Medium CVSS 5.5

Overview

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.

CWE: CWE-122 Published: 2023-12-29T10:15:13.890
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.5 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags