Our scan tool reports vulnerabilities CVE-2023-3817, CVE-2023-0465, CVE-2023-2650, CVE-2023-0464, CVE-2023-0466 in openssl 1.1.1t used by SQLCipher.
Does these vulnerabilities affect the library net.zetetic:android-database-sqlcipher?
SQLCipher is not affected by these CVE’s. SQLCipher does not utilize Diffie–Hellman, certificate verification, ASN.1, and X.509 features of OpenSSL which are impacted by these CVE’s. SQLCipher for Android is also not affected.