Denial Of Service (DoS)

PocketMine-MP is vulnerable to Denial Of Service DoS. The vulnerability is due to improper validation because the server does not verify uniqueness of packIds in STATUSSENDPACKS, allowing a malicious Bedrock client to send duplicate UUIDs and force repeated pack transfers until memory is exhauste...

Allocation of Resources Without Limits or Throttling

Overview pocketmine/pocketmine-mp is a highly customisable, open source server software for Minecraft: Bedrock Edition written in PHP Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the STATUSSENDPACKS handling of...