Lucene search
GitHub_MCVELIST:CVE-2023-32688HistoryMay 27, 2023 - 3:21 a.m.
CVE-2023-32688 Invalid push request payload crashes Parse Server
2023-05-2703:21:27
CWE-20
GitHub_M
www.cve.org
cve-2023-32688
parse server
push notification
adapter
patched
version 4.1.3
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
0.003 Low
EPSS
Percentile
69.3%
parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3.
CNA Affected
[
{
"vendor": "parse-community",
"product": "parse-server-push-adapter",
"versions": [
{
"version": "< 4.1.3",
"status": "affected"
}
]
}
]Related
veracode
veracode
Denial Of Services (DoS)
2023-05-24 03:48:17
prion
prion
Design/Logic Flaw
2023-05-27 04:15:00
osv
osv
CVE-2023-32688
2023-05-27 04:15:25
Invalid push request payload crashes Parse Server
2023-05-22 19:50:04
nvd
nvd
CVE-2023-32688
2023-05-27 04:15:25
cve
cve
CVE-2023-32688
2023-05-27 04:15:25
github
github
Invalid push request payload crashes Parse Server
2023-05-22 19:50:04
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
0.003 Low
EPSS
Percentile
69.3%
Related for CVELIST:CVE-2023-32688