CVE-2023-32688

parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3.
Configurations

Configuration 1 (hide)

cpe:2.3:a:parseplatform:parse_server_push_adapter:*:*:*:*:*:node.js:*:*

History

02 Jun 2023, 18:58

Type Values Removed Values Added
References (MISC) https://github.com/parse-community/parse-server-push-adapter/security/advisories/GHSA-mxhg-rvwx-x993 - (MISC) https://github.com/parse-community/parse-server-push-adapter/security/advisories/GHSA-mxhg-rvwx-x993 - Patch, Vendor Advisory
References (MISC) https://github.com/parse-community/parse-server-push-adapter/pull/217 - (MISC) https://github.com/parse-community/parse-server-push-adapter/pull/217 - Patch
References (MISC) https://github.com/parse-community/parse-server-push-adapter/releases/tag/4.1.3 - (MISC) https://github.com/parse-community/parse-server-push-adapter/releases/tag/4.1.3 - Release Notes
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-20
CPE cpe:2.3:a:parseplatform:parse_server_push_adapter:*:*:*:*:*:node.js:*:*
First Time Parseplatform parse Server Push Adapter
Parseplatform

27 May 2023, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-27 04:15

Updated : 2023-12-10 15:01


NVD link : CVE-2023-32688

Mitre link : CVE-2023-32688

CVE.ORG link : CVE-2023-32688


JSON object : View

Products Affected

parseplatform

  • parse_server_push_adapter
CWE
CWE-20

Improper Input Validation