Unrated severityNVD Advisory· Published Mar 25, 2021· Updated Aug 3, 2024

CVE-2021-3119

Description

Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipher_export in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command sequence, which causes a segmentation fault.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Zetetic/SQLCipherdescription
Zetetic/SQLCipherllm-fuzzy
Range: >=4.0, <4.4.3

Patches

Vulnerability mechanics

References

github.com/sqlcipher/sqlcipher/commit/cb71f53e8cea4802509f182fa5bead0ac6ab0e7fmitrex_refsource_MISC
www.telekom.com/resource/blob/621186/3fb50ca7a4a97728be18717ed7b0062c/dl-210308-critical-dos-vulnerability-in-sqlcipher-sql-command-processing-data.pdfmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000