← volver
CVE-2023-32688

Invalid push request payload crashes Parse Server

CVSS 4.9 MEDIUMEPSS 0.9%CWE-20
parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Productos afectados
parse-community · parse-server-push-adapter

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/parse-community/parse-server-push-adapter/pull/217https://github.com/parse-community/parse-server-push-adapter/releases/tag/4.1.3https://github.com/parse-community/parse-server-push-adapter/security/advisories/GHSA-mxhg-rvwx-x993