Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:42 a.m.13 views

CVE-2022-31083

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...

8.6CVSS6.6AI score0.00804EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-6147

Malicious code in bioql PyPI...

8.6CVSS7.8AI score0.00804EPSS
Exploits0References8
OSV
OSV
added 2024/03/06 11:2 a.m.18 views

BIT-PARSE-2022-24901 Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter

Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. The vulnerability has been fixed by improving the URL validation and adding additional checks of the resource th...

7.5CVSS7.2AI score0.00639EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 11:2 a.m.12 views

BIT-PARSE-2022-31083 Authentication bypass in Parse Server Apple Game Center auth adapter

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...

8.6CVSS7.7AI score0.00804EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.4 views

The vulnerability of the Apple Game Center authentication adapter allows a hacker to bypass the authentication process. This vulnerability is due to syntactic analysis by the Parse Server.

The vulnerability of the Apple Game Center authentication adapter relates to the lack of certificate verification. Exploiting this vulnerability allows a malicious actor to bypass the authentication process using a fake certificate...

8.6CVSS7.2AI score0.00804EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2022/06/17 10:9 p.m.24 views

GHSA-RH9J-F5F8-RVGC Authentication bypass vulnerability in Apple Game Center auth adapter

Impact The certificate in Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object. Patches To prevent this, a new...

8.6CVSS8AI score0.00804EPSS
Exploits0References8
NVD
NVD
added 2022/06/17 7:15 p.m.39 views

CVE-2022-31083

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...

8.6CVSS0.00804EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/06/17 6:15 p.m.6 views

CVE-2022-31083 Authentication bypass in Parse Server Apple Game Center auth adapter

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...

8.6CVSS8.2AI score0.00804EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/06/17 6:15 p.m.45 views

CVE-2022-31083 Authentication bypass in Parse Server Apple Game Center auth adapter

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...

8.6CVSS8.4AI score0.00804EPSS
Exploits0References4
CVE
CVE
added 2022/06/17 6:15 p.m.102 views

CVE-2022-31083

Parse Server vulnerability CVE-2022-31083 affects the Apple Game Center auth adapter. Prior to versions 4.10.11 and 5.2.2, the certificate in this adapter was not validated, potentially allowing authentication bypass by supplying a forged certificate via certain Apple domains and an authData URL....

8.6CVSS7.4AI score0.00804EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/06/17 6:15 p.m.31 views

CVE-2022-31083 Authentication bypass in Parse Server Apple Game Center auth adapter

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...

8.6CVSS7.5AI score0.00804EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/06/17 12:0 a.m.5 views

Parse Server 信任管理问题漏洞

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A trust management issue vulnerability exists in versions of Parse Server prior to 5.2.2 that stems from an unvalidated certificate in the Apple Game Center authentication adapter, which can be...

8.6CVSS7.5AI score0.00804EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/06/17 12:0 a.m.5 views

PT-2022-3535 · Unknown · Parse Server

Name of the Vulnerable Software and Affected Versions: Parse Server versions prior to 4.10.11 and 5.2.2 Description: The issue is related to the lack of validation of the certificate in the Parse Server Apple Game Center auth adapter. This could potentially allow authentication to be bypassed by...

8.6CVSS7.4AI score0.00804EPSS
Exploits0References15
Cvelist
Cvelist
added 2022/05/04 1:10 a.m.13 views

CVE-2022-24901 Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter

Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. The vulnerability has been fixed by improving the URL validation and adding additional checks of the resource th...

7.5CVSS7.4AI score0.00639EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/05/04 1:10 a.m.5 views

CVE-2022-24901 Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter

Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. The vulnerability has been fixed by improving the URL validation and adding additional checks of the resource th...

7.5CVSS7.2AI score0.00639EPSS
Exploits0References1
Rows per page
Query Builder