See [the link](/forumpost/247d4d7888) provided by Stephan, which is an excellent resource for anyone who thinks they should be worried about CVEs. Summary: CVEs are not a useful source of information for people who are concerned about bugs. Also, all three CVEs contain hyperlinks to the check-ins that fixed the problems they describe. <table border="1"> <tr><th>CVE<th>Fix Reported In The CVE</tr> <tr><td>[CVE-2020-11656](https://nvd.nist.gov/vuln/detail/CVE-2020-11656) <td><https://www.sqlite.org/src/info/d09f8c3621d5f7f8> <tr><td>[CVE-2020-9327](https://nvd.nist.gov/vuln/detail/CVE-2020-9327) <td><https://www.sqlite.org/cgi/src/info/abc473fb8fb99900> <tr><td>[CVE-2020-11655](https://www.sqlite.org/cgi/src/info/abc473fb8fb99900) <td><https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11> </table>