EUVD-2022-29201

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-24300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection...

CVE-2023-1661

The Display post meta, term meta, comment meta, and user meta plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post metadata in versions up to, and including, 0.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

SUSE CVE-2022-24300

Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection...

Debian DSA-5075-1 : minetest - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5075 advisory. Several vulnerabilities have been discovered in Minetest, a sandbox video game and game creation system. These issues may allow attackers to manipulate game...

CVE-2022-24300

Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection...

CVE-2022-24300

Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection...

Design/Logic Flaw

Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection...

UBUNTU-CVE-2022-24300

Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection...

CVE-2022-24300

Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection...

CVE-2022-24300

Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection...

CVE-2022-24300

CVE-2022-24300 affects Minetest, where versions before 5.4.0 are vulnerable to an ItemStack meta injection flaw: attackers can add/modify arbitrary meta fields in the same item stack via saved user input. The OSV entry confirms the issue. Debian advisory DSA-5075-1 notes the vulnerabilities were ...

PT-2022-16591 · Minetest +1 · Minetest +1

Name of the Vulnerable Software and Affected Versions: Minetest versions prior to 5.4.0 Description: The issue allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, also known as ItemStack meta injection. Recommendations: For versions prior to 5.4.0,...