10 matches found
CVE-2025-62783
InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions 1.6.1-SNAPSHOT and earlier contain a vulnerability where any plugin using the GuiStorageElement can allow item duplication when the experimental Bundle item feature is enabled on the server. The vulnerability is...
CVE-2025-62782
InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions 1.6.3-SNAPSHOT and earlier contain a vulnerability where GUIs using GuiStorageElement can allow item duplication when the experimental Bundle item feature is enabled on the server. The vulnerability is resolved ...
InventoryGui allows item duplication in GUIs which use GuiStorageElement
Impact Any plugin using a GUI with the GuiStorageElement and allows taking out items out of that element. Patches InventoryGui 1.6.5 included in latest 1.6.5-SNAPSHOT by disabling GuiStorageElement when not running on 1.21.9 or later. Workarounds Not using the GuiStorageElement...
CVE-2025-62783
InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions 1.6.1-SNAPSHOT and earlier contain a vulnerability where any plugin using the GuiStorageElement can allow item duplication when the experimental Bundle item feature is enabled on the server. The vulnerability is...
CVE-2025-62784
InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions before 1.6.5 contain a vulnerability where any plugin using a GUI with the GuiStorageElement and allows taking out items out of that element can allow item duplication when the experimental Bundle item feature i...
CVE-2025-62784 InventoryGui allows item duplication in GUIs which use GuiStorageElement
InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions before 1.6.5 contain a vulnerability where any plugin using a GUI with the GuiStorageElement and allows taking out items out of that element can allow item duplication when the experimental Bundle item feature i...
CVE-2025-62784
InventoryGui is a Bukkit/Spigot plugin GUI library. CVE-2025-62784 describes a vulnerability in versions prior to 1.6.5 where GUIs using GuiStorageElement can allow item duplication when items are taken out of that element with the experimental Bundle feature enabled on the server. The issue is r...
CVE-2025-62783 InventoryGui affected by item duplication in GUIs which use GuiStorageElement
InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions 1.6.1-SNAPSHOT and earlier contain a vulnerability where any plugin using the GuiStorageElement can allow item duplication when the experimental Bundle item feature is enabled on the server. The vulnerability is...
CVE-2025-62782 InventoryGUI vulnerable to item duplication via Bundle items when using GuiStorageElement
InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions 1.6.3-SNAPSHOT and earlier contain a vulnerability where GUIs using GuiStorageElement can allow item duplication when the experimental Bundle item feature is enabled on the server. The vulnerability is resolved ...
GHSA-RGVH-4M82-FVJQ InventoryGui allows item duplication with experimental "Bundle" item in GUIs which use GuiStorageElement
Impact Any plugin using the GuiStorageElement is impacted when used on a server which allows the currently experimental Bundle items. Patches Patched with https://github.com/Phoenix616/InventoryGui/commit/00e684bd689ebc60bcb5b83ce4ef3c5a01778494 "backported" to 1.6.3-SNAPSHOT Update to...