DevGuard Logo

🛡️ DevGuard
Group
/🧩 DevGuard CI-Components
Repository

Overview
Compliance
Artifacts
Code Risks
Dependency Risks
License Risks
Dependencies

CVE-2023-7104

A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.

Open
LOW (3.0)
  • T

    Tim Bastin detected CVE-2023-7104 with a risk of 3.35

    main
  • T

    Tim Bastin fixed CVE-2023-7104

    main
  • T

    Tim Bastin detected CVE-2023-7104 with a risk of 2.54

    main
  • logo

    System fixed CVE-2023-7104

    main
  • logo

    System detected CVE-2023-7104 with a risk of 2.54

    main
  • logo

    System fixed CVE-2023-7104

    main
  • logo

    System detected CVE-2023-7104 with a risk of 2.54

    main
  • S

    Sebastian Kawelke updated the risk assessment from 2.54 to 2.75

    attest

    Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high

  • S

    Sebastian Kawelke updated the risk assessment from 2.75 to 3.05

    attest

    Confidentiality Requirement updated: low -> high

  • logo

    System fixed CVE-2023-7104

    attest
  • logo

    System detected CVE-2023-7104 with a risk of 3.05

    attest

Add a comment

Mark as False Positive
Last calculated at:

Affected component

debian/sqlite3

Installed version:
3.40.1
Fixed in:
no patch available
Show in dependency graph

Management decisions across the organization

GitHubImprintTerms of UsePrivacy
Copyright © 2025 L3montree GmbH and the DevGuard Contributors. All rights reserved. Version 2ab7b793efd72421aea8c3a994ac60202bf1b3a5