Cve2021-3450& cve2021-3449

GreatAnn0827 · April 12, 2021, 7:01am

Hi,Are there any patches for CVE2021-3450& CVE2021-3449?

developernotes · April 12, 2021, 4:01pm

SQLCipher does not interface with X.509 public key certificates, nor the TLS component of OpenSSL and is not impacted by these CVE’s.

renzhepo · April 28, 2021, 12:25pm

Hello,is there any plan to update openssl 1.1.1j to openssl 1.1.1k? or modify CVE’s ?

developernotes · April 28, 2021, 1:10pm

For SQLCipher products which utilize OpenSSL, we tend to integrate the latest OpenSSL release when we issue new public releases of SQLCipher.

sjlombardo · April 28, 2021, 1:16pm

@renzhepo the version of OpenSSL will be updated in the next release. However, SQLCipher is not affected by these CVEs.

Topic		Replies	Views
New CVE-2022-4304, CVE-2022-4450,CVE-2022-0215,CVE-2022-0286, is sqlcipher effected? SQLCipher	5	692	March 10, 2023
Cve-2021-3711& cve-2021-3712 SQLCipher	2	513	November 1, 2021
Cve-2021-3711, cve-2021-3712, cve-2021-3450 & cve-2021-3449 SQLCipher	2	530	November 1, 2021
New vulnerabilities in openssl SQLCipher	5	292	October 9, 2025
Some new vulnerabilities in openssl SQLCipher	1	143	November 5, 2024