CVE-2024-42698

Published: Aug 28, 2024Modified: Mar 18, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in the Roughly Enough Items (REI) mod for Minecraft, which allows in-game item duplication.

Affected (1)

Products: Shedaniel: Roughlyenoughitems

1 product

Roughlyenoughitems

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Shedaniel Roughlyenoughitems	Before 16.0.744

Related CWEs

Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References (2)

https://gist.github.com/apple502j/7b1af0082449c9bfbf910e9a25ef3595

Source: cve@mitre.org

Third Party Advisory

https://github.com/shedaniel/RoughlyEnoughItems/commit/e80ca84f1affb91d2388ddb298bfc6b141828cad

Source: cve@mitre.org

Patch

Timeline

No history available yet.