3 matches found
GHSA-3QPM-H9CH-PX3C Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library
Summary The version used of Log4j, the library used for logging by PowerNukkit, is subject to a remote code execution vulnerability via the ldap JNDI parser. It's well detailed at CVE-2021-44228 and CVE-2021-45105https://github.com/advisories/GHSA-p6xc-xr62-6r2g. Impact Malicious client code coul...
org.powernukkit:powernukkit-tests-junit5 (>=0.1.0 <=0.1.1) potentially affected by unknown CVE via org.powernukkit:powernukkit (=1.3.1.5-PN)
org.powernukkit:powernukkit MAVEN version =1.3.1.5-PN is affected by a known vulnerability. The following packages have a transitive dependency on org.powernukkit:powernukkit and may be impacted: - org.powernukkit:powernukkit-tests-junit5 =0.1.0, =0.1.1 Source cves: unknown CVE Source advisory:...
Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library
Summary The version used of Log4j, the library used for logging by PowerNukkit, is subject to a remote code execution vulnerability via the ldap JNDI parser. It's well detailed at CVE-2021-44228 and CVE-2021-45105https://github.com/advisories/GHSA-p6xc-xr62-6r2g. Impact Malicious client code coul...