CVE-2023-46119
Summary
| CVE | CVE-2023-46119 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-10-25 18:17:00 UTC |
|---|
| Updated | 2023-11-01 17:09:00 UTC |
|---|
| Description | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Parse Server crashes when uploading a file without extension. This vulnerability has been patched in versions 5.5.6 and 6.3.1. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Release 5.5.6 · parse-community/parse-server · GitHub |
MISC |
github.com |
|
| Release 6.3.1 · parse-community/parse-server · GitHub |
MISC |
github.com |
|
| fix: Server crash when uploading file without extension; fixes securi… · parse-community/parse-server@fd86278 · GitHub |
MISC |
github.com |
|
| Server crash when uploading file without extension · Advisory · parse-community/parse-server · GitHub |
MISC |
github.com |
|
| fix: Server crash when uploading file without extension; fixes securi… · parse-community/parse-server@686a9f2 · GitHub |
MISC |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 995700 NodeJs (Npm) Security Update for parse-server (GHSA-792q-q67h-w579)
