{
   "document": {
      "aggregate_severity": {
         "text": "critical"
      },
      "category": "csaf_security_advisory",
      "csaf_version": "2.0",
      "distribution": {
         "tlp": {
            "label": "WHITE",
            "url": "https://www.first.org/tlp/"
         }
      },
      "lang": "en",
      "notes": [
         {
            "category": "description",
            "text": "An issue was found in fts5UnicodeTokenize() in ext/fts5/fts5_tokenize.c in Sqlite. A unicode61 tokenizer configured to treat unicode \"control-characters\" (class Cc), was treating embedded nul characters as tokens. The issue was fixed in sqlite-3.34.0 and later.",
            "title": "Vulnerability Description"
         }
      ],
      "publisher": {
         "category": "other",
         "contact_details": "gdt@cpan.org",
         "name": "giterlizzi",
         "namespace": "https://github.com/giterlizzi/"
      },
      "references": [
         {
            "category": "self",
            "summary": "CPANSA-DBD-SQLite-2021-20223-sqlite JSON",
            "url": "https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2022/cpansa-dbd-sqlite-2021-20223-sqlite.json"
         },
         {
            "category": "external",
            "summary": "https://github.com/sqlite/sqlite/commit/d1d43efa4fb0f2098c0e2c5bf2e807c58d5ec05b",
            "url": "https://github.com/sqlite/sqlite/commit/d1d43efa4fb0f2098c0e2c5bf2e807c58d5ec05b"
         },
         {
            "category": "external",
            "summary": "https://www.sqlite.org/forum/forumpost/09609d7e22",
            "url": "https://www.sqlite.org/forum/forumpost/09609d7e22"
         },
         {
            "category": "external",
            "summary": "https://sqlite.org/src/info/b7b7bde9b7a03665",
            "url": "https://sqlite.org/src/info/b7b7bde9b7a03665"
         },
         {
            "category": "external",
            "summary": "CVE-2021-20223 (NVD)",
            "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20223"
         }
      ],
      "title": "DBD-SQLite vulnerability",
      "tracking": {
         "current_release_date": "2022-08-25T00:00:00",
         "generator": {
            "engine": {
               "name": "CSAF Perl Toolkit",
               "version": "0.26"
            }
         },
         "id": "CPANSA-DBD-SQLite-2021-20223-sqlite",
         "initial_release_date": "2022-08-25T00:00:00",
         "revision_history": [
            {
               "date": "2022-08-25T00:00:00",
               "number": "1",
               "summary": "First release"
            }
         ],
         "status": "final",
         "version": "1"
      }
   },
   "product_tree": {
      "branches": [
         {
            "branches": [
               {
                  "category": "product_version_range",
                  "name": "vers:cpan/1.67_01",
                  "product": {
                     "name": "DBD-SQLite equal 1.67_01",
                     "product_id": "CSAFPID-0001",
                     "product_identification_helper": {
                        "purl": "pkg:cpan/DBD-SQLite"
                     }
                  }
               }
            ],
            "category": "product_name",
            "name": "DBD-SQLite"
         }
      ]
   },
   "vulnerabilities": [
      {
         "cve": "CVE-2021-20223",
         "notes": [
            {
               "category": "description",
               "text": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
               "title": "Vulnerability Description"
            }
         ],
         "product_status": {
            "known_affected": [
               "CSAFPID-0001"
            ]
         }
      }
   ]
}