CVE-2023-46119
Parse Server may crash when uploading file without extension
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Parse Server crashes when uploading a file without extension. This vulnerability has been patched in versions 5.5.6 and 6.3.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
parse-community · parse-server¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://github.com/parse-community/parse-server/commit/686a9f282dc23c31beab3d93e6d21ccd0e1328fehttps://github.com/parse-community/parse-server/commit/fd86278919556d3682e7e2c856dfccd5beffbfc0https://github.com/parse-community/parse-server/releases/tag/5.5.6https://github.com/parse-community/parse-server/releases/tag/6.3.1https://github.com/parse-community/parse-server/security/advisories/GHSA-792q-q67h-w579