Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-x64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet Issue -...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.android-arm64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet Issue...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.linux-arm64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet Issue -...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm.Msi.x64 to version 6.0.3 or higher. References - Dotnet...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64 to version 6.0.3 or higher. References - Dotnet Announcement...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-arm64 to version 6.0.3 or higher. References - Dotnet Announceme...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86 to version 6.0.3 or higher. References - Dotnet Announcement - Dotn...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet Issue -...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.linux-x64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet Issue -...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64 to version 6.0.3 or higher. References - Dotnet Announcement -...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-x64 to version 6.0.3 or higher. References - Dotnet Announcement...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm to version 6.0.3 or higher. References - Dotnet Announcement -...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x86 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet Issue - Microsof...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet...

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @peterpme/parse-server-mailgun (>=2.4.8 <=2.5.11) +19 more potentially affected by CVE-2022-39313 via parse-server (>=2.0.8 <=3.10.0)

parse-server NPM version =2.0.8, =1.0.5, =2.4.8, =1.0.0, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.0, =1.0.0, =1.0.0, =1.4.0 and more Source cves: CVE-2022-39313 Source advisory: OSV:GHSA-H423-W6QV-2WJ3...

parse-server crashes when receiving file download request with invalid byte range

Impact Parse Server crashes when a file download request is received with an invalid byte range. Patches Improved parsing of the range parameter to properly handle invalid range requests. Workarounds None References - GHSA-h423-w6qv-2wj3...

GHSA-H423-W6QV-2WJ3 parse-server crashes when receiving file download request with invalid byte range

Impact Parse Server crashes when a file download request is received with an invalid byte range. Patches Improved parsing of the range parameter to properly handle invalid range requests. Workarounds None References - GHSA-h423-w6qv-2wj3...