{"id":"GHSA-2479-qvv7-47qq","summary":"Parse Server before v3.4.1 vulnerable to Denial of Service","details":"### Impact\n\nIf a POST request is made to /parse/classes/_Audience (or other volatile class), any subsuquent POST requests result in an internal server error (500).\n\n\n### Patches\nAfflicted installations will also have to remove the offending collection from their database.\n\nYes, patched in 3.4.1\n\n### Workarounds\n\nYes, user can apply: https://github.com/parse-community/parse-server/commit/8709daf698ea69b59268cb66f0f7cee75b52daa5\n\n### References\nNothing other than this advisory at this time\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [parse-server](https://github.com/parse-community/parse-server)\n* Email us at [security@parseplatform.org](mailto:security@parseplatform.org)\n","aliases":["CVE-2019-1020012"],"modified":"2026-02-04T04:13:55.724249Z","published":"2019-06-13T16:22:13Z","related":["CVE-2019-1020012"],"database_specific":{"github_reviewed_at":"2020-06-16T20:51:19Z","cwe_ids":["CWE-444"],"github_reviewed":true,"nvd_published_at":null,"severity":"HIGH"},"references":[{"type":"WEB","url":"https://github.com/parse-community/parse-server/security/advisories/GHSA-2479-qvv7-47qq"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1020012"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-2479-qvv7-47qq"},{"type":"PACKAGE","url":"https://github.com/parse-community/parse-server"},{"type":"WEB","url":"https://snyk.io/vuln/SNYK-JS-PARSESERVER-455635"},{"type":"WEB","url":"https://www.npmjs.com/advisories/1113"}],"affected":[{"package":{"name":"parse-server","ecosystem":"npm","purl":"pkg:npm/parse-server"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"3.4.1"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/06/GHSA-2479-qvv7-47qq/GHSA-2479-qvv7-47qq.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}