Lucene search
GoogleOSV:GHSA-XW6G-JJVF-WWF9HistoryJun 20, 2022 - 10:25 p.m.
Invalid file request can crash server
2022-06-2022:25:46
Google
osv.dev
12
invalid file request
server crash
availability impact
parse server
EPSS
0.001
Percentile
39.2%
Impact
Certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability impact may be low; if you are running Parse Server as a single instance without redundancy, the availability impact may be high.
Patches
To prevent this, invalid requests are now properly handled.
Workarounds
None
References
- https://github.com/parse-community/parse-server/security/advisories/GHSA-xw6g-jjvf-wwf9
- https://github.com/parse-community/parse-server
For more information
- For questions or comments about this vulnerability visit our community forum or community chat
- Report other vulnerabilities at report.parseplatform.org
Related
github
github
Invalid file request can crash server
2022-06-20 22:25:46
veracode
veracode
Denial Of Service (DoS)
2022-06-21 05:47:35
prion
prion
Code injection
2022-06-27 21:15:00
cvelist
cvelist
CVE-2022-31089 Invalid file request can crashe parse-server
2022-06-27 21:10:11
nvd
nvd
CVE-2022-31089
2022-06-27 21:15:08
osv
osv
BIT-parse-2022-31089
2024-03-06 11:02:37
CVE-2022-31089
2022-06-27 21:15:08
cnvd
cnvd
Parse Server Denial of Service Vulnerability
2022-06-30 00:00:00
cve
cve
CVE-2022-31089
2022-06-27 21:15:08