Lucene search

CVE-2024-39309

🗓️ 01 Jul 2024 22:03:15Reported by [email protected]Type

Parse Server vulnerability in SQL injection detection algorith

Reporter	Title	Published	Views	Family All 8
CVE	CVE-2024-39309	1 Jul 202422:15	–	cve
Vulnrichment	CVE-2024-39309 ZDI-CAN-23894: Parse Server literalizeRegexPart SQL Injection Authentication Bypass Vulnerability	1 Jul 202421:15	–	vulnrichment
OSV	GHSA-C2HR-CQG6-8J6R ZDI-CAN-23894: Parse Server literalizeRegexPart SQL Injection Authentication Bypass Vulnerability	1 Jul 202418:35	–	osv
OSV	CVE-2024-39309	1 Jul 202422:15	–	osv
OSV	BIT-PARSE-2024-39309	3 Jul 202407:30	–	osv
Cvelist	CVE-2024-39309 ZDI-CAN-23894: Parse Server literalizeRegexPart SQL Injection Authentication Bypass Vulnerability	1 Jul 202421:15	–	cvelist
Github Security Blog	ZDI-CAN-23894: Parse Server literalizeRegexPart SQL Injection Authentication Bypass Vulnerability	1 Jul 202418:35	–	github
Veracode	SQL Injection	2 Jul 202406:53	–	veracode

Source	Link
github	www.github.com/parse-community/parse-server/commit/2edf1e4c0363af01e97a7fbc97694f851b7d1ff3
github	www.github.com/parse-community/parse-server/pull/9168
github	www.github.com/parse-community/parse-server/commit/f332d54577608c5ad927255e06d8c694e2e0ff5b
github	www.github.com/parse-community/parse-server/security/advisories/GHSA-c2hr-cqg6-8j6r
github	www.github.com/parse-community/parse-server/pull/9167

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Jul 2024 22:15Current

CVSS39.8

EPSS0.00045