CVE-2021-39187

Improper Handling of Exceptional Conditions in npm/parse-server

Identifier

CVE-2021-39187

Package Slug

npm/parse-server

Vulnerability

Improper Handling of Exceptional Conditions

Description

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Parse Server crashes if a query request contains an invalid value for the explain option. This is due to a bug in the MongoDB Node.js driver which throws an exception that Parse Server cannot catch.

Affected Versions

All versions before 4.10.3

Solution

Upgrade to version 4.10.3 or above.

Last Modified

2021-09-13

source