Vulnerabilidades em parse-community
117 resultadosCVE-2022-31083HIGHAuthentication bypass in Parse Server Apple Game Center auth adapter EPSS 0.8%CVE-2020-26288HIGHParse Server stores password in plain textEPSS 0.8%CVE-2022-39313HIGHParse Server crashes when receiving file download request with invalid byte rangeEPSS 0.7%CVE-2023-22474HIGHParse Server is vulnerable to authentication bypass via spoofingEPSS 0.7%CVE-2023-32689MEDIUMParse Server vulnerable to phishing attack vulnerability that involves uploading malicious HTML fileEPSS 0.6%CVE-2026-32248CRITICALParse Server: Account takeover via operator injection in authentication data identifierEPSS 0.6%CVE-2022-24901HIGHAuthentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter EPSS 0.6%CVE-2023-41058HIGHTrigger `beforeFind` not invoked in internal query pipeline in parse-serverEPSS 0.6%CVE-2026-47138HIGHParse Server: Pre-authentication denial of service via client version header regex backtrackingEPSS 0.6%CVE-2025-64430HIGHParse Server Vulnerable to Server-Side Request Forgery (SSRF) in File Upload via URI FormatEPSS 0.6%CVE-2026-30946HIGHParse Server affected by denial-of-service via unbounded query complexity in REST and GraphQL APIEPSS 0.6%CVE-2026-32770MEDIUMParse Server: LiveQuery subscription with invalid regular expression crashes serverEPSS 0.5%CVE-2026-30863CRITICALParse Server: JWT audience validation bypass in Google, Apple, and Facebook authentication adaptersEPSS 0.5%CVE-2026-32886HIGHParse Server's Cloud function dispatch crashes server via prototype chain traversalEPSS 0.5%CVE-2026-30939HIGHParse Server has Denial of Service (DoS) and Cloud Function Dispatch Bypass via Prototype Chain ResolutionEPSS 0.5%CVE-2026-32944HIGHParse Server crash via deeply nested query condition operatorsEPSS 0.5%CVE-2026-34573HIGHParse Server: GraphQL complexity validator exponential fragment traversal DoSEPSS 0.5%CVE-2026-33409HIGHParse Server: Auth provider validation bypass on login via partial authDataEPSS 0.5%CVE-2026-30941HIGHParse Server has a NoSQL injection via token type in password reset and email verification endpointsEPSS 0.5%CVE-2026-33539HIGHParse Server: SQL injection via aggregate and distinct field names in PostgreSQL adapterEPSS 0.5%