CVE-2023-33245

Name of the Vulnerable Software and Affected Versions Minecraft versions 1.19 through 1.20 pre-releases before 7 (Java)

Description The issue allows for arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink.

Recommendations For Minecraft versions 1.19 through 1.20 pre-releases before 7 (Java), consider restricting the use of crafted world data until a patch is available. As a temporary workaround, avoid using symlinks in world data to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.