Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:gem/pgsync@0.6.7
purl pkg:gem/pgsync@0.6.7
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-9vzu-jxpm-hydw Connection security vulnerability with schema sync pgsync drops connection parameters when syncing the schema with the --schema-first and --schema-only options. Some of these parameters may affect security. For instance, if sslmode is dropped, the connection may not use SSL. The first connection parameter is not affected. pgsync drops connection parameters when syncing the schema with the `--schema-first` and `--schema-only` options. Some of these parameters may affect security. For instance, if `sslmode` is dropped, the connection may not use SSL. The first connection parameter is not affected. An example where `sslmode` is dropped (`connect_timeout` is not affected): ```yaml from: postgres://user:pass@host/dbname?connect_timeout=10&sslmode=require ``` This applies to both the `to` and `from` connections. CVE-2021-31671
GHSA-72rj-36qc-47g7

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-04T17:26:22.733239+00:00 GithubOSV Importer Fixing VCID-9vzu-jxpm-hydw https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/04/GHSA-72rj-36qc-47g7/GHSA-72rj-36qc-47g7.json 38.6.0
2026-06-04T16:21:07.016304+00:00 GitLab Importer Fixing VCID-9vzu-jxpm-hydw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/pgsync/CVE-2021-31671.yml 38.6.0