5 matches found
CVE-2024-43395
CraftOS-PC 2 is a rewrite of the desktop port of CraftOS from the popular Minecraft mod ComputerCraft using C++ and a modified version of PUC Lua, as well as SDL for drawing. Prior to version 2.8.3, users of CraftOS-PC 2 on Windows can escape the computer folder and access files anywhere without...
CVE-2024-43395
CraftOS-PC 2 is a rewrite of the desktop port of CraftOS from the popular Minecraft mod ComputerCraft using C++ and a modified version of PUC Lua, as well as SDL for drawing. Prior to version 2.8.3, users of CraftOS-PC 2 on Windows can escape the computer folder and access files anywhere without...
CVE-2024-43395 CraftOS-PC 2's improperly sanitizied paths cause filesystem escape (Windows)
CraftOS-PC 2 is a rewrite of the desktop port of CraftOS from the popular Minecraft mod ComputerCraft using C++ and a modified version of PUC Lua, as well as SDL for drawing. Prior to version 2.8.3, users of CraftOS-PC 2 on Windows can escape the computer folder and access files anywhere without...
CVE-2024-43395
CraftOS-PC 2 on Windows is affected by a local filesystem escape vulnerability where an attacker can bypass the parent-directory check by obfuscating dots (..), allowing access to files outside the computer folder. This issue existed prior to version 2.8.3; a patch was released in 2.8.3. No explo...
CVE-2024-43395 CraftOS-PC 2's improperly sanitizied paths cause filesystem escape (Windows)
CraftOS-PC 2 is a rewrite of the desktop port of CraftOS from the popular Minecraft mod ComputerCraft using C++ and a modified version of PUC Lua, as well as SDL for drawing. Prior to version 2.8.3, users of CraftOS-PC 2 on Windows can escape the computer folder and access files anywhere without...