Skip to content

[JDBC-V2] Make DatabaseMetaDataImpl use PreparedStatement. #2739

New issue
New issue
Open
Task
Open
[JDBC-V2] Make DatabaseMetaDataImpl use PreparedStatement.#2739
Task
Labels
area:jdbc-metadataissue handling metadata things like getting type of columnjdbc-v2jdbc-v2 issues
Milestone
0.9.8
@chernser

Description

@chernser
chernser
opened on Feb 9, 2026

Description

There are many places in DatabaseMetaDataImpl that construct a dynamic query. It is wrong because leads to a security issue.

  • All queries should use PreparedStatement
  • Where is it no possible - should be reviewed and needed escaping should be added

Metadata

Metadata

Assignees

No one assigned

    Labels

    area:jdbc-metadataissue handling metadata things like getting type of columnjdbc-v2jdbc-v2 issues

    Type

    Task

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions