Cve2021-3450& cve2021-3449

Hi,Are there any patches for CVE2021-3450& CVE2021-3449?

Hi @GreatAnn0827

SQLCipher does not interface with X.509 public key certificates, nor the TLS component of OpenSSL and is not impacted by these CVE’s.

1 Like

Hello,is there any plan to update openssl 1.1.1j to openssl 1.1.1k? or modify CVE’s ?

Hi @renzhepo

For SQLCipher products which utilize OpenSSL, we tend to integrate the latest OpenSSL release when we issue new public releases of SQLCipher.

@renzhepo the version of OpenSSL will be updated in the next release. However, SQLCipher is not affected by these CVEs.