Описание
DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted .dbschema file. The patch was released in v2.7.4.3. As a workaround, ensure .dbschema files from untrusted sources are not opened.
Ссылки
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.7.4.3 (исключая)
cpe:2.3:a:databaseschemareader_project:dbschemareader:*:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00691
Низкий
8 High
CVSS3
8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-502
EPSS
Процентиль: 71%
0.00691
Низкий
8 High
CVSS3
8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-502