Zetetic: >> Sqlcipher >> 4.4.2 Security Vulnerabilities
Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command sequence, which causes a segmentation fault.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-03-25