GHSA-xw6g-jjvf-wwf9

Source
https://github.com/advisories/GHSA-xw6g-jjvf-wwf9
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/06/GHSA-xw6g-jjvf-wwf9/GHSA-xw6g-jjvf-wwf9.json
Aliases
Published
2022-06-20T22:25:46Z
Modified
2023-12-06T01:02:18.379006Z
Details

Impact

Certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability impact may be low; if you are running Parse Server as a single instance without redundancy, the availability impact may be high.

Patches

To prevent this, invalid requests are now properly handled.

Workarounds

None

References

  • https://github.com/parse-community/parse-server/security/advisories/GHSA-xw6g-jjvf-wwf9
  • https://github.com/parse-community/parse-server

For more information

References

Affected packages

npm / parse-server

Package

Affected ranges

Type
SEMVER
Events
Introduced
0The exact introduced commit is unknown
Fixed
4.10.12

npm / parse-server

Package

Affected ranges

Type
SEMVER
Events
Introduced
5.0.0
Fixed
5.2.3