Back

CVE-2024-41564

Aug. 28, 2024, 5:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

EMI mod for Minecraft

  • 1.1.10 and before
  • 1.1.11

Source

cve@mitre.org

Tags

cve@mitre.org
2024-08-28
CVE-2024-41564

CVE-2024-41564 details

Published : Aug. 28, 2024, 5:15 p.m.
Last Modified : Aug. 28, 2024, 5:15 p.m.

Description

EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in EMI mod for Minecraft, which allows in-game item duplication.

CVSS Score

1 2 3 4.3 5 6 7 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

Base Score

4.3

Exploitability Score

2.8

Impact Score

1.4

Base Severity

MEDIUM

Vector String : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

References

URL Source
https://gist.github.com/apple502j/6d691b62c37fc37b03b0784917064df6 cve@mitre.org
https://github.com/emilyploszaj/emi/blob/1.21/xplat/src/main/java/dev/emi/emi/network/FillRecipeC2SPacket.java cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.