GHSA-XP4F-G2CM-RHG7 PocketMine-MP has LogDoS by many junk properties in client data JWT in LoginPacket

Impact Attackers can fill the body of the clientData JWT in LoginPacket with lots of junk properties, causing the server to flood warning messages, as well as wasting CPU time. This happens because the JsonMapper instance used to process the JWT body is configured to warn on unexpected properties...

Denial Of Service (DoS)

pocketmine/pocketmine-mp is vulnerable to Denial Of Service DoS. The vulnerability exists in due to the netresearch/jsonmapper dependency due to improper mappings of JSON arrays and objects onto scalar model properties which allows an attacker to send malformed JWT JSON in the LoginPacket causing...

MAL-2022-736 Malicious code in @wso-utils/json-mapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 275a64b90c3271f70176e0f443e4c3fee846cbe29ff0a971ea3dd2ee5b6b7fde Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...