4 matches found
CVE-2022-24760
Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution RCE vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Prototype Pollution...
Microsoft Windows Parse Server Prototype Pollution (CVE-2022-24760)
A prototype pollution vulnerability exists in Microsoft Windows Parse Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2022-24760 Command Injection in Parse server
Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution RCE vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Prototype Pollution...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @peterpme/parse-server-mailgun (>=2.4.8 <=2.5.11) +19 more potentially affected by CVE-2022-24760 via parse-server (>=2.0.8 <=3.10.0)
parse-server NPM version =2.0.8, =1.0.5, =2.4.8, =1.0.0, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.0, =1.0.0, =1.0.0, =1.4.0 and more Source cves: CVE-2022-24760 Source advisory: OSV:GHSA-P6H4-93QP-JHCM...