3 matches found
CVE-2022-39313
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.17, and prior to 5.2.8 on the 5.x branch, crash when a file download request is received with an invalid byte range, resulting in a Denial of Service. This issue has been...
CVE-2022-39313
Parse Server is affected by a Denial of Service when handling a file download request with an invalid byte range. The issue occurs in versions prior to 4.10.17 and, on the 5.x branch, prior to 5.2.8, where such requests crash the server. Patches are available in v4.10.17 and v5.2.8. No workaround...
CVE-2022-39313 Parse Server crashes when receiving file download request with invalid byte range
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.17, and prior to 5.2.8 on the 5.x branch, crash when a file download request is received with an invalid byte range, resulting in a Denial of Service. This issue has been...