Back

CVE-2024-42698

Aug. 28, 2024, 4:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Roughly Enough Items (REI) mod for Minecraft

  • 16.0.729 and before

Source

cve@mitre.org

Tags

cve@mitre.org
2024-08-28
CVE-2024-42698

CVE-2024-42698 details

Published : Aug. 28, 2024, 4:15 p.m.
Last Modified : Aug. 28, 2024, 4:15 p.m.

Description

Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in the Roughly Enough Items (REI) mod for Minecraft, which allows in-game item duplication.

CVSS Score

1 2 3 4.3 5 6 7 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

Base Score

4.3

Exploitability Score

2.8

Impact Score

1.4

Base Severity

MEDIUM

Vector String : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

References

URL Source
https://gist.github.com/apple502j/7b1af0082449c9bfbf910e9a25ef3595 cve@mitre.org
https://github.com/shedaniel/RoughlyEnoughItems/commit/e80ca84f1affb91d2388ddb298bfc6b141828cad cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.