6.0.0-alpha.31 (2023-01-31)
Bug Fixes
- Parse Server option
requestKeywordDenylistcan be bypassed via Cloud Code Webhooks or Triggers; fixes security vulnerability GHSA-xprv-wvh7-qqqx (#8302) (6728da1) - Prototype pollution via Cloud Code Webhooks; fixes security vulnerability GHSA-93vw-8fm5-p2jf (#8305) (60c5a73)
- Remote code execution via MongoDB BSON parser through prototype pollution; fixes security vulnerability GHSA-prm5-8g2m-24gg (#8295) (50eed3c)