CVE-2020-26207

Published November 4th, 2020

View on NVD ↗

CVSS v3

HIGH

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted `.dbschema` file. The patch was released in v2.7.4.3. As a workaround, ensure `.dbschema` files from untrusted sources are not opened.

martinjw/dbschemareader

Read database metadata (from SqlServer/Oracle/MySql/SQLite/PostgreSql/DB2 etc) into one simple model

GitHub

300