4 matches found
PT-2024-40526 · Unknown · Pocketmine-Mp
Name of the Vulnerable Software and Affected Versions: PocketMine-MP versions prior to 5.11.2 Description: The issue occurs when a client sends a BookEditPacket with an InventorySlot greater than 35, causing the server to crash due to an unhandled exception thrown by BaseInventory-getItem. This...
Denial Of Service (DoS)
pocketmine/pocketmine-mp is vulnerable to denial of service. The vulnerability exists due to the unhandled exception in the stupidjsondecode function of InGamePacketHandler.php when decoding an invalid JSON response form, which allows an attacker to cause an application crash...
GHSA-WJFQ-88Q2-R34J Unhandled exception when decoding form response JSON
Impact When handling form responses from the client ModalFormResponsePacket, the Minecraft Windows client may send weird JSON that jsondecode can't understand. A workaround for this is implemented in InGamePacketHandler::stupidjsondecode. An InvalidArgumentException is thrown by this function whe...
Unhandled exception when decoding form response JSON
Impact When handling form responses from the client ModalFormResponsePacket, the Minecraft Windows client may send weird JSON that jsondecode can't understand. A workaround for this is implemented in InGamePacketHandler::stupidjsondecode. An InvalidArgumentException is thrown by this function whe...