Lennymclennington

**Name of the Vulnerable Software and Affected Versions** PolyMC Launcher versions 1.4.3 and earlier **Description** The issue allows a maliciously crafted mrpack file to create arbitrary files outside of the installation directory due to a Directory Traversal weakness. **Recommendations** For PolyMC Launcher versions 1.4.3 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.