Skip to content

Commit

Permalink
chore(release): 5.2.5 [skip ci]
Browse files Browse the repository at this point in the history
## [5.2.5](5.2.4...5.2.5) (2022-09-02)

### Bug Fixes

* brute force guessing of user sensitive data via search patterns; this fixes a security vulnerability in which internal and protected fields may be used as query constraints to guess the value of these fields and obtain sensitive data (GHSA-2m6g-crv8-p3c6) ([#8144](#8144)) ([e39d51b](e39d51b))
  • Loading branch information
semantic-release-bot committed Sep 2, 2022
1 parent e39d51b commit 83fd16c
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 2 deletions.
7 changes: 7 additions & 0 deletions changelogs/CHANGELOG_release.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,10 @@
## [5.2.5](https://github.com/parse-community/parse-server/compare/5.2.4...5.2.5) (2022-09-02)


### Bug Fixes

* brute force guessing of user sensitive data via search patterns; this fixes a security vulnerability in which internal and protected fields may be used as query constraints to guess the value of these fields and obtain sensitive data (GHSA-2m6g-crv8-p3c6) ([#8144](https://github.com/parse-community/parse-server/issues/8144)) ([e39d51b](https://github.com/parse-community/parse-server/commit/e39d51bd329cd978589983bd659db46e1d45aad4))

## [5.2.4](https://github.com/parse-community/parse-server/compare/5.2.3...5.2.4) (2022-06-30)


Expand Down
2 changes: 1 addition & 1 deletion package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "parse-server",
"version": "5.2.4",
"version": "5.2.5",
"description": "An express module providing a Parse-compatible API server",
"main": "lib/index.js",
"repository": {
Expand Down

0 comments on commit 83fd16c

Please sign in to comment.