Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
BIT-parse-2026-32269
  • Bitnami/parse
 Parse Server OAuth2 adapter app ID validation sends wrong token to introspection endpoint yesterday
  • Fix available
  • Severity - 6.3 (Medium)
BIT-parse-2026-32248
  • Bitnami/parse
 Parse Server: Account takeover via operator injection in authentication data identifier yesterday
  • Fix available
  • Severity - 9.3 (Critical)
BIT-parse-2026-32242
  • Bitnami/parse
 Parse Server OAuth2 adapter shares mutable state across providers via singleton instance yesterday
  • Fix available
  • Severity - 9.1 (Critical)
BIT-gitlab-2026-1182
  • Bitnami/gitlab
 Improper Removal of Sensitive Information Before Storage or Transfer in GitLab 3 days ago
  • Fix available
  • Severity - 4.3 (Medium)
BIT-python-min-2025-13462
  • Bitnami/python-min
 tarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handling 4 days ago
  • Fix available
  • Severity - 2.0 (Low)
BIT-python-2025-13462
  • Bitnami/python
 tarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handling 4 days ago
  • Fix available
  • Severity - 2.0 (Low)
BIT-libpython-2025-13462
  • Bitnami/libpython
 tarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handling 4 days ago
  • Fix available
  • Severity - 2.0 (Low)
BIT-parse-2026-32234
  • Bitnami/parse
 Parse Server has a SQL injection via query field name when using PostgreSQL 4 days ago
  • Fix available
  • Severity - 5.1 (Medium)
BIT-parse-2026-32098
  • Bitnami/parse
 Parse Server has a protected fields bypass via LiveQuery subscription WHERE clause 4 days ago
  • Fix available
  • Severity - 6.9 (Medium)
BIT-parse-2026-31901
  • Bitnami/parse
 Parse Server has user enumeration via email verification endpoint 4 days ago
  • Fix available
  • Severity - 6.3 (Medium)
BIT-parse-2026-31875
  • Bitnami/parse
 Parse Server MFA recovery codes not consumed after use 4 days ago
  • Fix available
  • Severity - 8.2 (High)
BIT-parse-2026-31872
  • Bitnami/parse
 Parse Server has a protected fields bypass via dot-notation in query and sort 4 days ago
  • Fix available
  • Severity - 8.7 (High)
BIT-parse-2026-31871
  • Bitnami/parse
 Parse Server has a SQL Injection via dot-notation sub-key name in `Increment` operation on PostgreSQL 4 days ago
  • Fix available
  • Severity - 9.3 (Critical)
BIT-parse-2026-31868
  • Bitnami/parse
 Parse Server has Stored XSS via file upload of HTML-renderable file types 4 days ago
  • Fix available
  • Severity - 6.3 (Medium)
BIT-parse-2026-31856
  • Bitnami/parse
 Parse Server has a SQL injection via `Increment` operation on nested object field in PostgreSQL 4 days ago
  • Fix available
  • Severity - 9.3 (Critical)
BIT-parse-2026-31840
  • Bitnami/parse
 Parse Server has a SQL injection via dot-notation field name in PostgreSQL 4 days ago
  • Fix available
  • Severity - 9.3 (Critical)
Load more...