We ran vulnerabilty scan on our application that uses liquibase and a total of 80 critical(30) and high (50) rated CSVV3 vulnerabilities were detected.
The following components were detected as outdated and vulnerable:
- sqlite3 3.23.1
Below are the identified vulnerabilities
More details can be found at NVD - Vulnerabilities
Could someone help shed some light on when these components might get upgraded?
Please follow our SECURITY.md found here:
We will need to understand a few more details, as we also scan on our end before we release and do not release with critical nor high CVEs in the liquibase code.