AZL-32297 CVE-2023-7104 affecting package sqlite for versions less than 3.39.2-3

🗓️ 29 Dec 2023 10:15:13Reported by GoogleType

osv

osv🔗 osv.dev👁 1 Views

Critical SQLite vulnerability up to 3.43.0 in sessionReadRecord causing heap overflow.

Reporter	Title	Published	Views	Family All 188
IBM Security Bulletins	Security Bulletin: A vulnerability in SQLite affects IBM Tivoli Composite Application Manager for Transactions (Response Time)	7 Oct 202415:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM webMethods API Management	25 Apr 202510:44	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	26 Mar 202504:11	–	ibm
IBM Security Bulletins	Security Bulletin: AIX is vulnerable to arbitrary code execution due to RPM (CVE-2023-7104)	24 Apr 202422:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Use Case Manager app is vulnerable to using components with known vulnerabilities	15 Apr 202502:23	–	ibm
IBM Security Bulletins	Security Bulletin: App Connect Enterprise Certified Container UBI updates	7 Mar 202414:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Ceph is vulnerable to the Improper Restriction of Operations within the Bounds of a Memory Buffer in the RHEL UBI (CVE-2023-7104)	5 Aug 202420:42	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Observability with Instana (OnPrem) is affected by Multiple Security Vulnerabilities	30 May 202411:23	–	ibm
Tenable Nessus	Amazon Linux 2023 : lemon, sqlite, sqlite-analyzer (ALAS2023-2024-490)	23 Jan 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : nspr, nspr-devel, nss (ALAS2023-2024-507)	6 Feb 202400:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-7104

21 Apr 2026 04:26Current

6Medium risk

Vulners AI Score6

CVSS 3.17.3

EPSS0.00133

sqlite vulnerability sessionReadRecord heap overflow patch recommended library identifier 248999