CVE-2025-57324 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse…

Medium CVSS: 6.5

CVE-2025-57324

parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.

Vendor

Product

Parse Javascript Sdk

CWE

Yayın Tarihi

2025-09-24 21:15:32

Güncelleme

2025-10-16 15:48:57

Source Identifier

cve@mitre.org

KEV Date Added

-

Kategoriler

CWE-1321 Parse Javascript Sdk MEDIUM Parseplatform 2025

Referanslar

https://github.com/VulnSageAgent/PoCs/blob/main/JavaScript/prototype-pollution/parse%405.3.0/index.js https://github.com/VulnSageAgent/PoCs/tree/main/JavaScript/prototype-pollution/CVE-2025-57324

Benzer Kayıtlar

High

CVE-2026-34215

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…

High

CVE-2026-34784

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…

Medium

CVE-2026-34595

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…

High

CVE-2026-34573

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…

Medium

CVE-2026-34574

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…

Critical

CVE-2026-34532

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version…