Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist

pocketmine/pocketmine-mp

packagist · A server software for Minecraft: Bedrock Edition written in PHP · Repository · Package

Security Advisories for pocketmine/pocketmine-mp in packagist

High
29 days ago

PocketMine-MP `ResourcePackDataInfoPacket` amplification vulnerability due to lack of resource pack sequence status checking GSA_kwCzR0hTQS1mcXF2LTU2aDUtZjU3Z84ABLmH

packagist pocketmine/pocketmine-mp
Moderate
7 months ago

PocketMine-MP allows malicious client data to waste server resources due to lack of limits for explode() GSA_kwCzR0hTQS1nMjc0LWM2amotaDc4cM4ABFPg

packagist pocketmine/pocketmine-mp
High
over 1 year ago

PocketMine-MP server crash with certain invalid JSON payloads in `LoginPacket` due to dependency vulnerability (3rd time) GSA_kwCzR0hTQS1oNmozLWozNWYtdjJ4N84AA5zM

packagist pocketmine/pocketmine-mp
High
over 1 year ago

PocketMine-MP BookEditPacket crash when inventory slot in the packet is invalid GSA_kwCzR0hTQS14YzdqLXdqMzYtcWpmcs4AA5zL

packagist pocketmine/pocketmine-mp
High
about 2 years ago

PocketMine-MP server crash with certain invalid JSON payloads in `LoginPacket` due to dependency vulnerability (again) GSA_kwCzR0hTQS05MmpoLWd3Y2gtanEzOM4AA13q

packagist pocketmine/pocketmine-mp
High
about 2 years ago

PocketMine-MP server crash due to incorrect EC curve used for LoginPacket identityPublicKey GSA_kwCzR0hTQS03OXJjLWpqaDYtcmM4Oc4AA13p

packagist pocketmine/pocketmine-mp
High
about 2 years ago

PocketMine-MP vulnerable to server crash using badly formatted sign NBT in BlockActorDataPacket GSA_kwCzR0hTQS03d3J2LTZoNDItdzU0Zs4AA0t5

packagist pocketmine/pocketmine-mp
High
over 2 years ago

PocketMine-MP vulnerable to improperly checked dropped item count leading to server crash GSA_kwCzR0hTQS1oODdyLWY0dmMtbWNods4AAzpK

packagist pocketmine/pocketmine-mp
High
over 2 years ago

PocketMine-MP vulnerable to server crash with certain invalid JSON payloads in `LoginPacket` due to vulnerable dependency GSA_kwCzR0hTQS1wcXAzLThycnctZzh2bc4AAzpJ

packagist pocketmine/pocketmine-mp
Moderate
over 2 years ago

PocketMine MP vulnerable to uncontrolled resource consumption via mismatched type of 'InventoryTransactionPacket' GSA_kwCzR0hTQS00MnFtLTh2OG0tbTc4Y84AAzlJ

packagist pocketmine/pocketmine-mp
Moderate
over 2 years ago

PocketMine-MP vulnerable to denial-of-service by sending large modal form responses GSA_kwCzR0hTQS03bTlyLXJxOWotd21taM4AAw1h

packagist pocketmine/pocketmine-mp
High
over 2 years ago

PocketMine-MP has improperly handled dye colour IDs in banner NBT, leading to server crash GSA_kwCzR0hTQS13cXF2LWpjZnItOWY1Z84AAw0x

packagist pocketmine/pocketmine-mp
High
about 3 years ago

PocketMine-MP invalid skin geometry JSON data leading to server crash GSA_kwCzR0hTQS04Y3dxLTRjbWYtcHg3M84AAuFv

packagist pocketmine/pocketmine-mp
High
over 3 years ago

Improperly checked IDs on itemstacks received from the client leading to server crash in PocketMine-MP GSA_kwCzR0hTQS1mcXgzLXI3NWgtdmM4Oc4AArad

packagist pocketmine/pocketmine-mp
Moderate
over 3 years ago

Denial-of-service vulnerability processing large chat messages containing many newlines GSA_kwCzR0hTQS1najk0LXY0cDktdzY3Ms4AArNE

packagist pocketmine/pocketmine-mp
High
over 3 years ago

Insufficient type validation in pocketmine/pocketmine-mp GSA_kwCzR0hTQS1nNXJyLXA2OWgtN3YzZ80_qQ

packagist pocketmine/pocketmine-mp
High
over 3 years ago

Improperly checked metadata on tools/armour itemstacks received from the client GSA_kwCzR0hTQS00NmM1LXBmajgtZnY2Nc00Jw

packagist pocketmine/pocketmine-mp
High
over 3 years ago

NaN/INF in serverbound movement packets can crash clients and servers GSA_kwCzR0hTQS1mbTM1LWpnZzMtM2dyeM00Gg

packagist pocketmine/pocketmine-mp
Moderate
over 3 years ago

Impersonation of other users (passing XBOX Live authentication) by theft of logins in PocketMine-MP GSA_kwCzR0hTQS1oNzl4LTk4cjItZzZxY80loQ

packagist pocketmine/pocketmine-mp
High
over 3 years ago

Unhandled exception when decoding form response JSON GSA_kwCzR0hTQS13amZxLTg4cTItcjM0as0log

packagist pocketmine/pocketmine-mp
High
over 3 years ago

Unchecked validity of Facing values in PlayerActionPacket GSA_kwCzR0hTQS14aDk5LWh3N2gtd2Y2M80iuQ

packagist pocketmine/pocketmine-mp
High
over 3 years ago

Uncapped length of skin data fields submitted by players GSA_kwCzR0hTQS1jNmZnLTk5cHItMjVtOc0g_g

packagist pocketmine/pocketmine-mp
Moderate
over 3 years ago

Book page text, count, and author/title length is not limited in PocketMine-MP GSA_kwCzR0hTQS1wNjJqLWhyeG0teGN4Zs0g_Q

packagist pocketmine/pocketmine-mp
Low
almost 4 years ago

Inability to de-op players if listed in ops.txt with non-lowercase letters GSA_kwCzR0hTQS1qNXFnLXc5amctM3dnM80cpA

packagist pocketmine/pocketmine-mp
High
almost 5 years ago

Exploitable inventory component chaining in PocketMine-MP MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqcTYtdzVjZy13bTQ1

packagist pocketmine/pocketmine-mp

Filter by Severity

High 18 Moderate 6 Low 1