CNNVD-202510-1724 Information
CNNVD ID
CNNVD-202510-1724
Related CVE
- CNNVD Published: 2025-10-14
Description (Chinese)
Parse-SDK-JS是Parse Platform开源的一个用于解析平台的开发者工具包。 Parse-SDK-JS 7.0.0之前版本存在安全漏洞,该漏洞源于注入恶意有效载荷,可能导致远程执行任意代码。
Description (English)
Parse-SDK-JS is a tool kit for developers of the Parse Platform Open Source for the Analysis Platform. The previous version of Parse-SDK-JS 7.0.0 had a security loophole, which stemmed from the injection of a malicious payload, which could lead to the remote implementation of any code.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Parse Platform
Published
2025-10-14
Last Modified
2026-02-24
References
https://github.com/parse-community/Parse-SDK-JS/releases/tag/7.0.0-alpha.1 https://github.com/parse-community/Parse-SDK-JS/security/advisories/GHSA-9f2h-7v79-mxw3 https://github.com/parse-community/Parse-SDK-JS/commit/00973987f361368659c0c4dbf669f3897520b132 https://github.com/parse-community/Parse-SDK-JS/pull/2749 https://access.redhat.com/security/cve/cve-2025-62374
Patch
https://github.com/parse-community/Parse-SDK-JS/releases
Share on: