GMS-2023-1616: Invalid push request payload crashes Parse Server
Impact
The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload.
References
- github.com/advisories/GHSA-mxhg-rvwx-x993
- github.com/parse-community/parse-server-push-adapter/commit/598cb84d0866b7c5850ca96af920e8cb5ba243ec
- github.com/parse-community/parse-server-push-adapter/pull/217
- github.com/parse-community/parse-server-push-adapter/releases/tag/4.1.3
- github.com/parse-community/parse-server-push-adapter/security/advisories/GHSA-mxhg-rvwx-x993
Code Behaviors & Features
Detect and mitigate GMS-2023-1616 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →