diff --git a/changelogs/CHANGELOG_release.md b/changelogs/CHANGELOG_release.md index a3784f64f3..0fd5eb8a9f 100644 --- a/changelogs/CHANGELOG_release.md +++ b/changelogs/CHANGELOG_release.md @@ -1,3 +1,10 @@ +## [5.5.5](https://github.com/parse-community/parse-server/compare/5.5.4...5.5.5) (2023-09-04) + + +### Bug Fixes + +* Parse Pointer allows to access internal Parse Server classes and circumvent `beforeFind` query trigger; fixes security vulnerability [GHSA-fcv6-fg5r-jm9q](https://github.com/parse-community/parse-server/security/advisories/GHSA-fcv6-fg5r-jm9q) ([6458ab0](https://github.com/parse-community/parse-server/commit/6458ab072ebaa0e6bbcf6ada696b3d0fb687402f)) + ## [5.5.4](https://github.com/parse-community/parse-server/compare/5.5.3...5.5.4) (2023-07-30) diff --git a/package-lock.json b/package-lock.json index 506405c02a..8b06ae7732 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "parse-server", - "version": "5.5.4", + "version": "5.5.5", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/package.json b/package.json index cfff58f8b9..a326a1496a 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "parse-server", - "version": "5.5.4", + "version": "5.5.5", "description": "An express module providing a Parse-compatible API server", "main": "lib/index.js", "repository": {