CVE-2020-26207, GHSA-rfjh-m356-mpqf
nuget/DatabaseSchemaReader
Deserialization of Untrusted Data
DatabaseSchemaViewer
is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted .dbschema
file. As a workaround, ensure .dbschema
files from untrusted sources are not opened.
All versions before 2.7.4.3
Unfortunately, there is no solution available yet.
2020-11-16
source |