Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

parse-community — Vulnerabilities & Security Advisories 110

Browse all 110 CVE security advisories affecting parse-community. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products parse-community:parse-serverparse-dashboardparse-server-push-adapterParse-SDK-JS
CVE IDTitleCVSSSeverityPaused
CVE-2023-22474 Parse Server is vulnerable to authentication bypass via spoofing — parse-serverCWE-290 8.7 High2023-02-03
CVE-2022-39396 Parse Server vulnerable to Remote Code Execution via prototype pollution in MongoDB BSON parser — parse-serverCWE-1321 9.8 Critical2022-11-10
CVE-2022-41878 Parse Server Prototype pollution and Injection via Cloud Code Webhooks or Cloud Code Triggers — parse-serverCWE-74 7.2 High2022-11-10
CVE-2022-41879 Parse Server subject to Prototype pollution via Cloud Code Webhooks — parse-serverCWE-1321 7.2 High2022-11-10
CVE-2022-39313 Parse Server crashes when receiving file download request with invalid byte range — parse-serverCWE-1284 7.5 High2022-10-24
CVE-2022-39231 Parse Server subject to Improper Authentication allowing Auth adapter app ID validation to be circumvented — parse-serverCWE-287 3.7 Low2022-09-23
CVE-2022-39225 Parse Server subject to Incorrect Resource Transfer Between Spheres — parse-serverCWE-669 4.3 Medium2022-09-23
CVE-2022-36079 Parse Server vulnerable to brute force guessing of user sensitive data via search patterns — parse-serverCWE-200 8.6 High2022-09-07
CVE-2022-31112 Protected fields exposed via LiveQuery in parse-server — parse-serverCWE-200 8.2 High2022-06-30
CVE-2022-31089 Invalid file request can crashe parse-server — parse-serverCWE-706 7.5 High2022-06-27
CVE-2022-31083 Authentication bypass in Parse Server Apple Game Center auth adapter — parse-serverCWE-287 8.6 High2022-06-17
CVE-2022-24901 Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter — parse-serverCWE-295 7.5 High2022-05-04
CVE-2022-24760 Command Injection in Parse server — parse-serverCWE-74 10.0 Critical2022-03-11
CVE-2021-41109 LiveQuery publishes user session tokens — parse-serverCWE-200 7.5 High2021-09-30
CVE-2021-39187 Crash server with query parameter — parse-serverCWE-74 7.5 High2021-09-02
CVE-2021-39138 New anonymous user session acts as if it's created with password — parse-serverCWE-287 4.8 Medium2021-08-18
CVE-2020-26288 Parse Server stores password in plain text — parse-serverCWE-312 7.7 High2020-12-30
CVE-2020-15270 Improper session expiration in Parse Server — parse-serverCWE-672 4.3 Medium2020-10-22
CVE-2020-15126 Information disclosure through Viewer query in parse-server — parse-serverCWE-863 6.5 Medium2020-07-22
CVE-2020-5251 Information disclosure in parse-server — parse-serverCWE-285 7.7 High2020-03-04

This page lists every published CVE security advisory associated with parse-community. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.