Lucene search

Trigger `beforeFind` not invoked in internal query pipeline when fetching pointer

🗓️ 04 Sep 2023 22:41:40Reported by GoogleType

osv🔗 osv.dev👁 16 Views

`beforeFind` trigger bypass via Parse Pointe

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Vulnrichment	CVE-2023-41058 Trigger `beforeFind` not invoked in internal query pipeline in parse-server	4 Sep 202322:39	–	vulnrichment
Cvelist	CVE-2023-41058 Trigger `beforeFind` not invoked in internal query pipeline in parse-server	4 Sep 202322:39	–	cvelist
Veracode	Incorrect Control Flow Implementation	5 Sep 202309:26	–	veracode
NVD	CVE-2023-41058	4 Sep 202323:15	–	nvd
OSV	CVE-2023-41058	4 Sep 202323:15	–	osv
OSV	BIT-parse-2023-41058	6 Mar 202411:00	–	osv
CVE	CVE-2023-41058	4 Sep 202323:15	–	cve
Prion	Information disclosure	4 Sep 202323:15	–	prion
Github Security Blog	Trigger `beforeFind` not invoked in internal query pipeline when fetching pointer	4 Sep 202322:40	–	github

Source	Link
github	www.github.com/parse-community/parse-server/security/advisories/GHSA-fcv6-fg5r-jm9q
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-41058
github	www.github.com/parse-community/parse-server/commit/be4c7e23c63a2fb690685665cebed0de26be05c5
docs	www.docs.parseplatform.org/parse-server/guide/
github	www.github.com/parse-community/parse-server
github	www.github.com/parse-community/parse-server/releases/tag/5.5.5
github	www.github.com/parse-community/parse-server/releases/tag/6.2.2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Sep 2023 22:40Current

6.8Medium risk

Vulners AI Score6.8

CVSS37.5

EPSS0.00214

SSVC