BIT-PARSE-2021-39187 Crash server with query parameter

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version 4.10.3, Parse Server crashes when if a query request contains an invalid value for the explain option. This is due to a bug in the MongoDB Node.js driver which throws an...

Denial Of Service

parse-server is vulnerable to denial of service. The vulnerability exists due to An attacker is able to crash the system by sending a query request containing an invalid explain option value...

Parse Server 注入漏洞

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. An injection vulnerability exists in versions of Parse Server prior to 4.10.3, which can cause the Parse Server to crash if a query request contains an invalid value for the "explain" option. T...

PT-2021-22444 · Unknown · Parse Server +1

Name of the Vulnerable Software and Affected Versions: Parse Server versions prior to 4.10.3 Description: The issue occurs when a query request contains an invalid value for the explain option, causing Parse Server to crash due to a bug in the MongoDB Node.js driver that throws an exception Parse...