Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: parse-community/parse-server
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 5.2.4
Choose a base ref
...
head repository: parse-community/parse-server
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 5.2.5
Choose a head ref
  • 2 commits
  • 6 files changed
  • 2 contributors

Commits on Sep 2, 2022

  1. fix: brute force guessing of user sensitive data via search patterns;… 

    … this fixes a security vulnerability in which internal and protected fields may be used as query constraints to guess the value of these fields and obtain sensitive data (GHSA-2m6g-crv8-p3c6) (#8144)
    @mtrezza
    mtrezza authored Sep 2, 2022
    Configuration menu
    Copy the full SHA
    e39d51b View commit details
    Browse the repository at this point in the history

  2. chore(release): 5.2.5 [skip ci] 

    ## [5.2.5](5.2.4...5.2.5) (2022-09-02)

### Bug Fixes

* brute force guessing of user sensitive data via search patterns; this fixes a security vulnerability in which internal and protected fields may be used as query constraints to guess the value of these fields and obtain sensitive data (GHSA-2m6g-crv8-p3c6) ([#8144](#8144)) ([e39d51b](e39d51b))
    @semantic-release-bot
    semantic-release-bot committed Sep 2, 2022
    Configuration menu
    Copy the full SHA
    83fd16c View commit details
    Browse the repository at this point in the history
Loading