CVE-2023-7104

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.

Open

LOW (3.0)

T
Tim Bastin detected CVE-2023-7104 with a risk of 3.35
main
System updated the risk assessment to 2.54
main
System recalculated raw risk assessment
T
Tim Bastin fixed CVE-2023-7104
main
T
Tim Bastin detected CVE-2023-7104 with a risk of 2.54
main
System updated the risk assessment to 1.27
main
System recalculated raw risk assessment
System updated the risk assessment to 2.54
main
System recalculated raw risk assessment
System updated the risk assessment to 1.27
main
System recalculated raw risk assessment
T
Tim Bastin detected CVE-2023-7104 with a risk of 1.27
0.9.0
System updated the risk assessment from 1.27 to 0.85
main
System recalculated raw risk assessment
System updated the risk assessment from 1.27 to 0.85
0.9.0
System recalculated raw risk assessment
System updated the risk assessment from 0.85 to 2.54
main
System recalculated raw risk assessment
System updated the risk assessment from 0.85 to 2.54
0.9.0
System recalculated raw risk assessment
System
main
System fixed CVE-2023-7104
main
System
0.9.0
System detected CVE-2023-7104 with a risk of 2.54
main
System
0.9.0
System
main
System fixed CVE-2023-7104
main
System
0.9.0
System detected CVE-2023-7104 with a risk of 2.54
main
T
Tim Bastin detected CVE-2023-7104 with a risk of 2.54
add-first-party-scan-to-gitlap-pipeline
T
Tim Bastin detected CVE-2023-7104 with a risk of 2.54
add-jobs-tags
T
Tim Bastin detected CVE-2023-7104 with a risk of 2.54
0.11.1
T
Tim Bastin detected CVE-2023-7104 with a risk of 2.54
feautre/sarif-sbom-upload-components
T
Tim Bastin
examples
System updated the risk assessment from 1.27 to 2.54
revert-c7057e5e
System recalculated raw risk assessment
T
Tim Bastin fixed CVE-2023-7104
main
S
Sebastian Kawelke updated the risk assessment from 2.54 to 2.75
main
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2.54 to 2.75
examples
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2.54 to 2.75
chore/adds-additional-env-flags
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2.54 to 2.75
fix-attest.yaml
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2.54 to 2.75
add-jobs-tags
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2.54 to 2.75
0.9.0
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2.54 to 2.75
attest
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2.54 to 2.75
feautre/sarif-sbom-upload-components
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2.54 to 2.75
revert-c7057e5e
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2.54 to 2.75
0.11.1
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2.54 to 2.75
add-first-party-scan-to-gitlap-pipeline
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
S
Sebastian Kawelke updated the risk assessment from 2.75 to 3.05
fix-attest.yaml
Confidentiality Requirement updated: low -> high
S
Sebastian Kawelke updated the risk assessment from 2.75 to 3.05
examples
Confidentiality Requirement updated: low -> high
S
Sebastian Kawelke updated the risk assessment from 2.75 to 3.05
add-first-party-scan-to-gitlap-pipeline
Confidentiality Requirement updated: low -> high
S
Sebastian Kawelke updated the risk assessment from 2.75 to 3.05
revert-c7057e5e
Confidentiality Requirement updated: low -> high
S
Sebastian Kawelke updated the risk assessment from 2.75 to 3.05
main
Confidentiality Requirement updated: low -> high
S
Sebastian Kawelke updated the risk assessment from 2.75 to 3.05
attest
Confidentiality Requirement updated: low -> high
S
Sebastian Kawelke updated the risk assessment from 2.75 to 3.05
0.9.0
Confidentiality Requirement updated: low -> high
S
Sebastian Kawelke updated the risk assessment from 2.75 to 3.05
feautre/sarif-sbom-upload-components
Confidentiality Requirement updated: low -> high
S
Sebastian Kawelke updated the risk assessment from 2.75 to 3.05
chore/adds-additional-env-flags
Confidentiality Requirement updated: low -> high
S
Sebastian Kawelke updated the risk assessment from 2.75 to 3.05
0.11.1
Confidentiality Requirement updated: low -> high
S
Sebastian Kawelke updated the risk assessment from 2.75 to 3.05
add-jobs-tags
Confidentiality Requirement updated: low -> high
System fixed CVE-2023-7104
attest
System fixed CVE-2023-7104
0.11.1
System fixed CVE-2023-7104
examples
System fixed CVE-2023-7104
0.9.0
System fixed CVE-2023-7104
chore/adds-additional-env-flags
System fixed CVE-2023-7104
revert-c7057e5e
System fixed CVE-2023-7104
add-jobs-tags
System fixed CVE-2023-7104
fix-attest.yaml
System fixed CVE-2023-7104
feautre/sarif-sbom-upload-components
System fixed CVE-2023-7104
add-first-party-scan-to-gitlap-pipeline
System fixed CVE-2023-7104
main
System detected CVE-2023-7104 with a risk of 3.05
attest

Add a comment

Last calculated at:

Affected component

debian/sqlite3

Installed version:

3.40.1

Fixed in:

no patch available

Show in dependency graph

🛡️ DevGuard
Group
/🧩 DevGuard CI-Components
Repository

CVE-2023-7104

Add a comment

Affected component

Management decisions across the organization