13 matches found
EUVD-2021-0780
Malware in sbrugna...
CVE-2021-31671
pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used...
Information Disclosure
pgsync is vulnerable to information disclosure. The use of --schema-first and --schema-only options to sync the schema results in disclosure of confidential information due to the sslmode connection parameter being established without SSL...
GHSA-72RJ-36QC-47G7 Pgsync Contains Cleartext Transmission of Sensitive Information
pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used...
Pgsync Contains Cleartext Transmission of Sensitive Information
pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used...
Information Exposure
Overview pgsync is a Sync Postgres data between databases. Affected versions of this package are vulnerable to Information Exposure due to mishandling of schema syncing using the --schema-first and --schema-only flags, which may result in dropping security parameters. Remediation Upgrade pgsync t...
CVE-2021-31671
pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used...
CVE-2021-31671
pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used...
Information disclosure
pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used...
CVE-2021-31671
pgsync before 0.6.7 is affected by Information Disclosure of sensitive information. Syncing the schema with the --schema-first and --schema-only options is mishandled. For example, the sslmode connection parameter may be lost, which means that SSL would not be used...
CVE-2021-31671
Summary: CVE-2021-31671 affects pgsync prior to 0.6.7. The vulnerability arises from mishandling of schema syncing with --schema-first/--schema-only, which can drop the sslmode parameter, causing SSL to be unused and potentially exposing sensitive data. Impact details (as stated): Information Dis...
pgsync 安全漏洞
pgsync is an open source application. Synchronizes data from one Postgres database to another. A security vulnerability exists in versions prior to pgsync 0.6.7, which stems from being affected by the disclosure of sensitive information...
Connection security vulnerability with schema sync
pgsync drops connection parameters when syncing the schema with the --schema-first and --schema-only options. Some of these parameters may affect security. For instance, if sslmode is dropped, the connection may not use SSL. The first connection parameter is not affected. pgsync drops connection...