Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

7 advisories

Loading
PocketMine-MP server crash with certain invalid JSON payloads in `LoginPacket` due to dependency vulnerability (3rd time) High
GHSA-h6j3-j35f-v2x7 was published for pocketmine/pocketmine-mp (Composer) Mar 6, 2024
dktapps MrDiamond64
PocketMine-MP server crash with certain invalid JSON payloads in `LoginPacket` due to dependency vulnerability (again) High
GHSA-92jh-gwch-jq38 was published for pocketmine/pocketmine-mp (Composer) Sep 14, 2023
alvin0319 dktapps
SvenRtbg
PocketMine-MP server crash due to incorrect EC curve used for LoginPacket identityPublicKey High
GHSA-79rc-jjh6-rc89 was published for pocketmine/pocketmine-mp (Composer) Sep 14, 2023
dktapps
PocketMine-MP vulnerable to server crash using badly formatted sign NBT in BlockActorDataPacket High
GHSA-7wrv-6h42-w54f was published for pocketmine/pocketmine-mp (Composer) Jul 14, 2023
ShockedPlot7560 dktapps
PocketMine-MP vulnerable to improperly checked dropped item count leading to server crash High
GHSA-h87r-f4vc-mchv was published for pocketmine/pocketmine-mp (Composer) Jun 6, 2023
dktapps
PocketMine-MP vulnerable to server crash with certain invalid JSON payloads in `LoginPacket` due to vulnerable dependency High
GHSA-pqp3-8rrw-g8vm was published for pocketmine/pocketmine-mp (Composer) Jun 6, 2023
aderoian dktapps
PocketMine MP vulnerable to uncontrolled resource consumption via mismatched type of 'InventoryTransactionPacket' Moderate
GHSA-42qm-8v8m-m78c was published for pocketmine/pocketmine-mp (Composer) Jun 1, 2023
dktapps
ProTip! Advisories are also available from the GraphQL API