3 matches found
PT-2023-32972 · Unknown · Pocketmine-Mp
Name of the Vulnerable Software and Affected Versions: PocketMine-MP versions prior to 4.18.0-ALPHA2 Description: The issue arises from the client sending a "mismatch" type InventoryTransactionPacket to request a resync of all currently open inventories. Since PocketMine-MP does not rate-limit...
PT-2022-28217 · Unknown · Adhocore/Json-Comment +1
Name of the Vulnerable Software and Affected Versions: PocketMine-MP affected versions not specified Description: The issue arises from the pocketmineentitySkin component not handling errors correctly when parsing skin geometry data. Specifically, it expects false to be returned in case of an...
Denial Of Service (DoS)
pocketmine/pocketmine-mp is vulnerable to denial of service. The vulnerability exists in the netItemStackToCore function in TypeConverter.php due to a lack of validation in item ids which allows an attacker to cause an application crash...