Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability in MicrosoftEdgeWebView2RuntimeInstallerX86.exe #2501

Open
JaSc99 opened this issue Jun 7, 2022 · 1 comment
Open

Vulnerability in MicrosoftEdgeWebView2RuntimeInstallerX86.exe #2501

JaSc99 opened this issue Jun 7, 2022 · 1 comment
Assignees
@champnic
Labels
bug Something isn't working tracked We are tracking this work internally.

Comments

@JaSc99
Copy link

JaSc99 commented Jun 7, 2022
edited by champnic
Loading

Our vulnerability analysis tool (Black Duck Binary Analysis) detects CVE-2022-21227 in sqlite3 v3.34.1 used in the latest MicrosoftEdgeWebView2RuntimeInstallerX86.exe v1.3.161.35:

image

It would be good if you could update that sqlite3 component in the future to a newer version that has fixed this vulnerability! Because unfortunately, the latest available version v3.38.5 is also affected.

AB#39940959
@JaSc99 JaSc99 added the bug Something isn't working label Jun 7, 2022
@champnic champnic mentioned this issue Jun 9, 2022
Closed
@champnic champnic assigned champnic and unassigned LiangTheDev Jun 9, 2022
@champnic champnic added the tracked We are tracking this work internally. label Jun 9, 2022
@champnic
Copy link
Member

champnic commented Jun 9, 2022

Thanks for the bug report @JaSc99 - I've opened this on our backlog and will forward to our installer team.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@champnic champnic

Labels
bug Something isn't working tracked We are tracking this work internally.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@LiangTheDev @champnic @JaSc99