Our internal binary scan tool reported below vulnerabilities
Do these vulnerabilities affect the zetetic library “net.zetetic:android-database-sqlcipher:4.4.3” ?
If yes, could you explain the rationale?
What is the fix plan?
Hello @shiva . You should consider upgrading to SQLCipher 4.5.2.
Currently we are using 4.4.3version and Kindly let us know whether the above vulnerabilities affect this library (“net.zetetic:android-database-sqlcipher:4.4.3”)
If you google sqlcipher followed by the CVE string you will find our comments on every one of those CVEs from previous posts. If you are an existing commercial or enterprise edition subscriber you can contact us at firstname.lastname@example.org for summarized feedback.