Home > Vulnerability Database > CVE-2023-32688

Mend.io Vulnerability Database

CVE-2023-32688

Good to know:

Date: May 26, 2023

parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3. Converted from WS-2023-0146, on 2023-05-28.

Language: JS

Severity Score

4.9

Related Resources (7)

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-32688

Url: https://github.com/parse-community/parse-server-push-adapter/commit/598cb84d0866b7c5850ca96af920e8cb5ba243ec

Url: https://github.com/parse-community/parse-server-push-adapter

Url: https://github.com/parse-community/parse-server-push-adapter/security/advisories/GHSA-mxhg-rvwx-x993

Url: https://github.com/parse-community/parse-server-push-adapter/pull/217

Url: https://github.com/parse-community/parse-server-push-adapter/releases/tag/4.1.3

Url: https://www.mend.io/vulnerability-database/CVE-2023-32688

Severity Score

4.9

Weakness Type (CWE)

Improper Input Validation

CWE-20

CVSS v3.1

Base Score:	4.9
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-32688

Good to know:

Date: May 26, 2023

Language: JS

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?