Search by 
pocketmine/pocketmine-mp Security Advisories for 4.3.1 (8)
-
PocketMine-MP server crash with certain invalid JSON payloads in `LoginPacket` due to dependency vulnerability (again)
Affected version: <=4.23.0|>=5.0.0,<=5.3.0
Reported by:
GitHub -
PocketMine-MP vulnerable to improperly checked dropped item count leading to server crash
Affected version: <4.18.1
Reported by:
GitHub -
PocketMine-MP vulnerable to server crash with certain invalid JSON payloads in `LoginPacket` due to vulnerable dependency
Affected version: >=4.21.0,<4.21.1|<4.20.5
Reported by:
GitHub -
PocketMine MP vulnerable to uncontrolled resource consumption via mismatched type of 'InventoryTransactionPacket'
Affected version: <4.18.0-ALPHA2
Reported by:
GitHub -
PocketMine-MP vulnerable to denial-of-service by sending large modal form responses
Affected version: <4.12.5
Reported by:
GitHub -
PocketMine-MP has improperly handled dye colour IDs in banner NBT, leading to server crash
Affected version: <4.8.1
Reported by:
GitHub -
PocketMine-MP invalid skin geometry JSON data leading to server crash
Affected version: <4.7.2
Reported by:
GitHub -
Improperly checked IDs on itemstacks received from the client leading to server crash in PocketMine-MP
Affected version: >=4.0.0-BETA5,<4.4.2
Reported by:
GitHub