Notes: 1. That CVE is fake news. It only applies if you are allowing malicious agents to inject arbitrary SQL into your application. And even then, the worst known outcome is denial of service. See [\[1\]][1] for more information about CVEs and SQLite. 2. The bug that the CVE is based on was fixed in SQLite version 3.32.3. 3. Relying on CVEs and believing the information you read in CVEs is not an effective security policy. [1]: https://www.sqlite.org/cves.html#cvetab \[1\] <https://www.sqlite.org/cves.html>