pgsync 0.4.3

1 security vulnerability found in version 0.4.3

Connection security vulnerability with schema sync

high severity CVE-2021-31671
high severity CVE-2021-31671
Patched versions: >= 0.6.7

pgsync drops connection parameters when syncing the schema with the --schema-first and --schema-only options. Some of these parameters may affect security. For instance, if sslmode is dropped, the connection may not use SSL. The first connection parameter is not affected.

pgsync drops connection parameters when syncing the schema with the --schema-first and --schema-only options. Some of these parameters may affect security. For instance, if sslmode is dropped, the connection may not use SSL. The first connection parameter is not affected.

An example where sslmode is dropped (connect_timeout is not affected):

from: postgres://user:pass@host/dbname?connect_timeout=10&sslmode=require

This applies to both the to and from connections.

No officially reported memory leakage issues detected.


This gem version does not have any officially reported memory leaked issues.

No license issues detected.


This gem version has a license in the gemspec.

This gem version is available.


This gem version has not been yanked and is still available for usage.