Our scan tool reports vulnerabilies CVE-2024-4741 in openssl 1. 1.1q used by SQLCipher 4.5.2.Does these vulnerabilities affect the library net.zetetic:androidx-database-sqlcipher? Thaniks

Question

Our scan tool reports vulnerabilies CVE-2024-4741 in openssl 1. 1.1q used by SQLCipher 4.5.2.Does these vulnerabilities affect the library net.zetetic:androidx-database-sqlcipher? Thaniks

lierliang12345 opened this issue a year ago · 1 comments

Our scan tool reports vulnerabilies CVE-2024-4741 in openssl 1. 1.1q used by SQLCipher 4.5.2.Does these vulnerabilities affect the library net.zetetic:androidx-database-sqlcipher?
Thaniks

Answer 1 · 2024-05-30T13:38:39.000Z

@lierliang12345 no SQLCipher is not affected. But you should consider upgrading to the latest SQLCipher release regardless, as there are other fixes and improvements.