
parse-server
npm · An express module providing a Parse-compatible API server · Repository · Package
Security Advisories for parse-server in npm
High
12 months ago
Parse Server's custom object ID allows to acquire role privileges
npm
parse-server
Critical
over 1 year ago
ZDI-CAN-23894: Parse Server literalizeRegexPart SQL Injection Authentication Bypass Vulnerability
npm
parse-server
Critical
over 1 year ago
Server crashes on invalid Cloud Function or Cloud Job name
npm
parse-server
Critical
over 1 year ago
ZDI-CAN-19105: Parse Server literalizeRegexPart SQL Injection
npm
parse-server
High
almost 2 years ago
Parse Server may crash when uploading file without extension
npm
parse-server
High
about 2 years ago
Trigger `beforeFind` not invoked in internal query pipeline when fetching pointer
npm
parse-server
Critical
over 2 years ago
Parse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollution
npm
parse-server
Moderate
over 2 years ago
Phishing attack vulnerability by uploading malicious HTML file
npm
parse-server
High
over 2 years ago
Parse Server option `masterKeyIps` vulnerability to IP spoofing
npm
parse-server
High
almost 3 years ago
Parse Server is vulnerable to Prototype Pollution via Cloud Code Webhooks
npm
parse-server
High
almost 3 years ago
Parse Server vulnerable to Prototype Pollution via Cloud Code Webhooks or Cloud Code Triggers
npm
parse-server
Critical
almost 3 years ago
Remote code execution via MongoDB BSON parser through prototype pollution
npm
parse-server
High
almost 3 years ago
parse-server crashes when receiving file download request with invalid byte range
npm
parse-server
Low
about 3 years ago
parse-server auth adapter app ID validation can be circumvented
npm
parse-server
Moderate
about 3 years ago
parse-server's session object properties can be updated by foreign user if object ID is known
npm
parse-server
High
about 3 years ago
Parse Server vulnerable to brute force guessing of user sensitive data via search patterns
npm
parse-server
High
over 3 years ago
Authentication bypass vulnerability in Apple Game Center auth adapter
npm
parse-server
High
over 3 years ago
Authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter
npm
parse-server
Critical
over 3 years ago
Command injection in Parse Server through prototype pollution
npm
parse-server
Moderate
about 4 years ago
parse-server new anonymous user session acts as if it's created with password
npm
parse-server