Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:33 p.m.9 views

CVE-2022-39396

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.18, and prior to 5.3.1 on the 5.X branch, are vulnerable to Remote Code Execution via prototype pollution. An attacker can use this prototype pollution sink to trigger a...

9.8CVSS7.9AI score0.38717EPSS
Exploits0References1
Circl
Circl
added 2022/11/13 5:52 a.m.5 views

CVE-2022-39396

creationtimestamp| type| source ---|---|--- 2022-11-13 05:52:24+00:00| seen| https://t.me/cibsecurity/52927 2023-04-04 11:01:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8053...

9.8CVSS8.7AI score0.38717EPSS
Exploits0References2
CVE
CVE
added 2022/11/10 12:0 a.m.137 views

CVE-2022-39396

Parse Server is vulnerable to Remote Code Execution via prototype pollution in the MongoDB BSON parser. Affected are versions prior to 4.10.18, and prior to 5.3.1 on the 5.X branch. The issue is fixed in 4.10.18 and in 5.3.1; there are no known workarounds."

9.8CVSS9.8AI score0.38717EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/10 12:0 a.m.9 views

CVE-2022-39396 Parse Server vulnerable to Remote Code Execution via prototype pollution in MongoDB BSON parser

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.18, and prior to 5.3.1 on the 5.X branch, are vulnerable to Remote Code Execution via prototype pollution. An attacker can use this prototype pollution sink to trigger a...

9.8CVSS9.8AI score0.38717EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/11/08 5:29 p.m.9 views

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @peterpme/parse-server-mailgun (>=2.4.8 <=2.5.11) +19 more potentially affected by CVE-2022-39396 via parse-server (>=2.0.8 <=3.10.0)

parse-server NPM version =2.0.8, =1.0.5, =2.4.8, =1.0.0, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.0, =1.0.0, =1.0.0, =1.4.0 and more Source cves: CVE-2022-39396 Source advisory: OSV:GHSA-PRM5-8G2M-24GG...

9.8CVSS7.2AI score0.38717EPSS
Exploits0
Rows per page
Query Builder