In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade postgres-protocol to version 0.6.12 or higher.
Affected versions of this package are vulnerable to Uncaught Exception via the postgres_protocol::types::hstore_from_sql function. An attacker can cause the client to panic and terminate unexpectedly by sending a specially crafted binary hstore value with an invalid internal length field from a malicious or compromised server. This is only exploitable if the client connects to untrusted or user-supplied servers, or if the connection can be intercepted by a man-in-the-middle.