GHSA-mxhg-rvwx-x993

Source
https://github.com/advisories/GHSA-mxhg-rvwx-x993
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-mxhg-rvwx-x993/GHSA-mxhg-rvwx-x993.json
Aliases
Published
2023-05-22T19:50:04Z
Modified
2023-11-08T04:12:35.752455Z
Details

Impact

The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload.

Patches

Invalid push notification payload is caught and an logged.

Workarounds

n/a

References

  • https://github.com/parse-community/parse-server-push-adapter/security/advisories/GHSA-mxhg-rvwx-x993
  • https://github.com/parse-community/parse-server-push-adapter/pull/217
References

Affected packages

npm / parse-server-push-adapter

Affected ranges

Type
SEMVER
Events
Introduced
0The exact introduced commit is unknown
Fixed
4.1.3