CVE-2020-26207

Deserialization of Untrusted Data in nuget/DatabaseSchemaReader

Identifiers

CVE-2020-26207, GHSA-rfjh-m356-mpqf

Package Slug

nuget/DatabaseSchemaReader

Vulnerability

Deserialization of Untrusted Data

Description

DatabaseSchemaViewer is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted .dbschema file. As a workaround, ensure .dbschema files from untrusted sources are not opened.

Affected Versions

All versions before 2.7.4.3

Solution

Unfortunately, there is no solution available yet.

Last Modified

2020-11-16

source