DatabaseSchemaViewer is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted .dbschema file. Users should be careful not to open .dbschema files from untrusted sources. See the Proof of Concept below.
Although the file is only meant to be opened as data, any code the file defines is executed without the user's consent.
Use a safer serializer, for example XmlSerializer, that performs the expected type checks and only instantiates known types. See the Alvaro and Oleksandr slides for other safer serializer options.
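As an added illustration of the recommended fix, the following C# example (not DatabaseSchemaViewer's own code; the SchemaDocument and TableInfo classes and the .dbschema layout are hypothetical stand-ins) loads a schema file with XmlSerializer bound to a single expected root type, so the contents of the file can never choose which types get instantiated. It also disables DTD processing and external resolution on the reader, a caveat worth applying whenever an XML format replaces a binary one.

```csharp
// Added example, not DatabaseSchemaViewer's code. SchemaDocument and TableInfo are
// hypothetical stand-ins for the application's real schema model.
using System;
using System.IO;
using System.Xml;
using System.Xml.Serialization;

public class TableInfo
{
    public string Name { get; set; }
    public string[] Columns { get; set; }
}

public class SchemaDocument
{
    public string DatabaseName { get; set; }
    public TableInfo[] Tables { get; set; }
}

public static class SchemaFile
{
    // XmlSerializer is constructed for exactly one root type. The set of types it
    // can instantiate is fixed at compile time, so nothing inside the file can ask
    // for another class (and its constructor or setter side effects) to be created.
    private static readonly XmlSerializer Serializer =
        new XmlSerializer(typeof(SchemaDocument));

    // Reader settings that refuse DTDs and external resolution, so a crafted file
    // cannot reference external entities or local files while being parsed.
    private static readonly XmlReaderSettings ReaderSettings = new XmlReaderSettings
    {
        DtdProcessing = DtdProcessing.Prohibit,
        XmlResolver = null,
        MaxCharactersFromEntities = 1024,
    };

    public static SchemaDocument Load(string path)
    {
        using (var stream = File.OpenRead(path))
        using (var reader = XmlReader.Create(stream, ReaderSettings))
        {
            // Anything that is not a SchemaDocument document fails with
            // InvalidOperationException instead of being interpreted.
            return (SchemaDocument)Serializer.Deserialize(reader);
        }
    }

    public static void Save(string path, SchemaDocument doc)
    {
        using (var stream = File.Create(path))
        {
            Serializer.Serialize(stream, doc);
        }
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample: round-trip a small schema through the safe serializer.
        string tmp = Path.Combine(Path.GetTempPath(), "example.dbschema");
        SchemaFile.Save(tmp, new SchemaDocument
        {
            DatabaseName = "demo",
            Tables = new[] { new TableInfo { Name = "users", Columns = new[] { "id", "email" } } }
        });
        SchemaDocument loaded = SchemaFile.Load(tmp);
        Console.WriteLine($"{loaded.DatabaseName}: {loaded.Tables.Length} table(s)");

        // A file whose root element is not the expected type is rejected outright.
        File.WriteAllText(tmp, "<SomethingElse><Foo>1</Foo></SomethingElse>");
        try
        {
            SchemaFile.Load(tmp);
        }
        catch (InvalidOperationException e)
        {
            Console.WriteLine("Rejected: " + e.Message);
        }
    }
}
```

The important property is that the deserializer's type graph is chosen by the application, not by the data; a serializer that reads type names out of the payload and instantiates whatever they name (the .NET pattern this advisory warns against) cannot be made safe by validating the file afterwards, because the side effects have already run by then.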
This issue was discovered and reported by GHSL team member @JarLob (Jaroslav Lobačevski).
You can contact the GHSL team at firstname.lastname@example.org; please include a reference to GHSL-2020-141 in any communication regarding this issue.