CVE-2023-7332 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid play…
High CVSS: 7.1

CVE-2023-7332

PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting in denial of service.
Vendor
-
Product
-
CWE
CWE-1284
Yayın Tarihi
2025-12-31 22:15:47
Güncelleme
2026-01-02 16:45:26
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-1284 HIGH 2025

Referanslar

https://github.com/pmmp/PocketMine-MP/blob/4.18.1/changelogs/4.18.md https://github.com/pmmp/PocketMine-MP/commit/5897476 https://github.com/pmmp/PocketMine-MP/security/advisories/GHSA-h87r-f4vc-mchv https://www.vulncheck.com/advisories/pocketmine-mp-improper-validation-of-dropped-item-count-allows-remote-server-crash