3 matches found
org.powernukkit:powernukkit-tests-junit5 (>=0.1.0 <=0.1.1) potentially affected by unknown CVE via org.powernukkit:powernukkit (=1.3.1.5-PN)
org.powernukkit:powernukkit MAVEN version =1.3.1.5-PN is affected by a known vulnerability. The following packages have a transitive dependency on org.powernukkit:powernukkit and may be impacted: - org.powernukkit:powernukkit-tests-junit5 =0.1.0, =0.1.1 Source cves: unknown CVE Source advisory:...
GHSA-3QPM-H9CH-PX3C Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library
Summary The version used of Log4j, the library used for logging by PowerNukkit, is subject to a remote code execution vulnerability via the ldap JNDI parser. It's well detailed at CVE-2021-44228 and CVE-2021-45105https://github.com/advisories/GHSA-p6xc-xr62-6r2g. Impact Malicious client code coul...
Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library
Summary The version used of Log4j, the library used for logging by PowerNukkit, is subject to a remote code execution vulnerability via the ldap JNDI parser. It's well detailed at CVE-2021-44228 and CVE-2021-45105https://github.com/advisories/GHSA-p6xc-xr62-6r2g. Impact Malicious client code coul...