New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RCE Vulnerability in Beekeeper Studio #1051
Comments
|
Let me investigate this. It is supposed to escape output, but I'll make sure it does. |
|
I have a fix in. I was escaping table VALUES, but not table HEADERS. There's a build in progress, can you take a look when it's done to see if you can break it again? build artifacts will appear here > https://github.com/beekeeper-studio/beekeeper-studio/actions/runs/1877329726 Also you've just reminded me I need a |
|
@sharpleung can you double check this build for me? https://github.com/beekeeper-studio/beekeeper-studio/actions/runs/1877329726 |
Sorry, I didn't see the message because of the time difference. ok i'll check again. |
|
@rathboma After checking, we believe the vulnerability has been fixed. We will actively contact you if we discover other security issues in the future.Thanks! :) |
|
Thank you! I'll push out a release tomorrow with this fix. |
author: Gqliang@Hillstone
Date: 2022-02-21
The text was updated successfully, but these errors were encountered: