LOW
GHSA-mpx4-jmpr-vm8v
PGHoard: Password written to debug log
Details
### Impact When using .pgpass, database connection information including the username and password will be logged at the debug level.
### Patches Upgrade to version 2.7.1 or greater.
### Workarounds Filter out debug-level logs.
### References This issue was discovered by BugCrowd user DRAKOKORIAN.
Are you affected?
Enter the version of the package you're using.
Affected packages
PyPI / pghoard
Introduced in:
0 No fixed version published yet for pghoard (pip). Pin to a known-safe version or switch to an alternative.