15 matches found
CVE-2022-31083
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...
EUVD-2022-6147
Malicious code in bioql PyPI...
BIT-PARSE-2022-24901 Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter
Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. The vulnerability has been fixed by improving the URL validation and adding additional checks of the resource th...
BIT-PARSE-2022-31083 Authentication bypass in Parse Server Apple Game Center auth adapter
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...
The vulnerability of the Apple Game Center authentication adapter allows a hacker to bypass the authentication process. This vulnerability is due to syntactic analysis by the Parse Server.
The vulnerability of the Apple Game Center authentication adapter relates to the lack of certificate verification. Exploiting this vulnerability allows a malicious actor to bypass the authentication process using a fake certificate...
GHSA-RH9J-F5F8-RVGC Authentication bypass vulnerability in Apple Game Center auth adapter
Impact The certificate in Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object. Patches To prevent this, a new...
CVE-2022-31083
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...
CVE-2022-31083 Authentication bypass in Parse Server Apple Game Center auth adapter
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...
CVE-2022-31083 Authentication bypass in Parse Server Apple Game Center auth adapter
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...
CVE-2022-31083
Parse Server vulnerability CVE-2022-31083 affects the Apple Game Center auth adapter. Prior to versions 4.10.11 and 5.2.2, the certificate in this adapter was not validated, potentially allowing authentication bypass by supplying a forged certificate via certain Apple domains and an authData URL....
CVE-2022-31083 Authentication bypass in Parse Server Apple Game Center auth adapter
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, authentication could potentially be bypassed by making a fake...
Parse Server 信任管理问题漏洞
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A trust management issue vulnerability exists in versions of Parse Server prior to 5.2.2 that stems from an unvalidated certificate in the Apple Game Center authentication adapter, which can be...
PT-2022-3535 · Unknown · Parse Server
Name of the Vulnerable Software and Affected Versions: Parse Server versions prior to 4.10.11 and 5.2.2 Description: The issue is related to the lack of validation of the certificate in the Parse Server Apple Game Center auth adapter. This could potentially allow authentication to be bypassed by...
CVE-2022-24901 Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter
Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. The vulnerability has been fixed by improving the URL validation and adding additional checks of the resource th...
CVE-2022-24901 Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter
Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. The vulnerability has been fixed by improving the URL validation and adding additional checks of the resource th...