Minecraft

minecraft

3 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-33245 1Minecraft 1Minecraft Jan 10, 2025 May 30, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Minecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink.
CVE-2022-23884 1Minecraft 1Bedrock Server Nov 21, 2024 Mar 28, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound check bypass caused by PurchaseReceiptPacket::_read (packet deserializer).
CVE-2021-35054 1Minecraft 1Minecraft Nov 21, 2024 Jul 20, 2021 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 Minecraft before 1.17.1, when online-mode=false is configured, allows path traversal for deletion of arbitrary JSON files.