VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-bfmz-51vx-pqfn

Essentials
Severities (13)
References (6)
Severity details (10)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-bfmz-51vx-pqfn
Aliases	CVE-2020-15270 GHSA-2xm2-xj2q-qgpj
Summary	receiving subscription objects with deleted session
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-672	Operation on a Resource after Expiration or Release
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00253	https://api.first.org/data/v1/epss?cve=CVE-2020-15270
epss	0.00253	https://api.first.org/data/v1/epss?cve=CVE-2020-15270
epss	0.00253	https://api.first.org/data/v1/epss?cve=CVE-2020-15270
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-2xm2-xj2q-qgpj
cvssv3.1	4.3	https://github.com/parse-community/parse-server
generic_textual	MODERATE	https://github.com/parse-community/parse-server
cvssv3.1	4.3	https://github.com/parse-community/parse-server/commit/78b59fb26b1c36e3cdbd42ba9fec025003267f58
generic_textual	MODERATE	https://github.com/parse-community/parse-server/commit/78b59fb26b1c36e3cdbd42ba9fec025003267f58
cvssv3.1	4.3	https://github.com/parse-community/parse-server/security/advisories/GHSA-2xm2-xj2q-qgpj
cvssv3.1_qr	MODERATE	https://github.com/parse-community/parse-server/security/advisories/GHSA-2xm2-xj2q-qgpj
generic_textual	MODERATE	https://github.com/parse-community/parse-server/security/advisories/GHSA-2xm2-xj2q-qgpj
cvssv3.1	4.3	https://nvd.nist.gov/vuln/detail/CVE-2020-15270
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2020-15270

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2020-15270
		https://github.com/parse-community/parse-server
		https://github.com/parse-community/parse-server/commit/78b59fb26b1c36e3cdbd42ba9fec025003267f58
CVE-2020-15270		https://nvd.nist.gov/vuln/detail/CVE-2020-15270
GHSA-2xm2-xj2q-qgpj		https://github.com/advisories/GHSA-2xm2-xj2q-qgpj
GHSA-2xm2-xj2q-qgpj		https://github.com/parse-community/parse-server/security/advisories/GHSA-2xm2-xj2q-qgpj

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/parse-community/parse-server

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/parse-community/parse-server/commit/78b59fb26b1c36e3cdbd42ba9fec025003267f58

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/parse-community/parse-server/security/advisories/GHSA-2xm2-xj2q-qgpj

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2020-15270

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.48923
EPSS Score	0.00253
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T20:27:05.200439+00:00	GHSA Importer	Import	https://github.com/advisories/GHSA-2xm2-xj2q-qgpj	38.6.0