Lucene search
HistoryMay 30, 2023 - 5:15 a.m.
CVE-2023-33245
minecraft
java
cve-2023-33245
nvd
security vulnerability
file overwrite
code execution
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.8%
Minecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink.
Affected configurations
Node
minecraftminecraftRange≤1.19java
ORminecraftminecraftMatch1.20pre-release1java
ORminecraftminecraftMatch1.20pre-release2java
ORminecraftminecraftMatch1.20pre-release3java
ORminecraftminecraftMatch1.20pre-release4java
ORminecraftminecraftMatch1.20pre-release5java
ORminecraftminecraftMatch1.20pre-release6java
| CPE | Name | Operator | Version |
|---|---|---|---|
| minecraft:minecraft | minecraft | le | 1.19 |
| minecraft:minecraft | minecraft | eq | 1.20 |
Related
prion
prion
Code injection
2023-05-30 05:15:00
nvd
nvd
CVE-2023-33245
2023-05-30 05:15:12
cvelist
cvelist
CVE-2023-33245
2023-05-30 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.8%
Related for CVE-2023-33245