Show plain JSON{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-32688", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-05-11T16:33:45.732Z", "datePublished": "2023-05-27T03:21:27.071Z", "dateUpdated": "2025-01-14T18:43:52.475Z"}, "containers": {"cna": {"title": "Invalid push request payload crashes Parse Server", "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "lang": "en", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/parse-community/parse-server-push-adapter/security/advisories/GHSA-mxhg-rvwx-x993", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/parse-community/parse-server-push-adapter/security/advisories/GHSA-mxhg-rvwx-x993"}, {"name": "https://github.com/parse-community/parse-server-push-adapter/pull/217", "tags": ["x_refsource_MISC"], "url": "https://github.com/parse-community/parse-server-push-adapter/pull/217"}, {"name": "https://github.com/parse-community/parse-server-push-adapter/releases/tag/4.1.3", "tags": ["x_refsource_MISC"], "url": "https://github.com/parse-community/parse-server-push-adapter/releases/tag/4.1.3"}], "affected": [{"vendor": "parse-community", "product": "parse-server-push-adapter", "versions": [{"version": "< 4.1.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-05-27T03:21:27.071Z"}, "descriptions": [{"lang": "en", "value": "parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3.\n"}], "source": {"advisory": "GHSA-mxhg-rvwx-x993", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:25:36.587Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/parse-community/parse-server-push-adapter/security/advisories/GHSA-mxhg-rvwx-x993", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/parse-community/parse-server-push-adapter/security/advisories/GHSA-mxhg-rvwx-x993"}, {"name": "https://github.com/parse-community/parse-server-push-adapter/pull/217", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/parse-community/parse-server-push-adapter/pull/217"}, {"name": "https://github.com/parse-community/parse-server-push-adapter/releases/tag/4.1.3", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/parse-community/parse-server-push-adapter/releases/tag/4.1.3"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-14T18:43:44.546095Z", "id": "CVE-2023-32688", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-14T18:43:52.475Z"}}]}} 
ReportizFlow
MITRE
Vulnrichment
NVD
Redhat