CVE-2024-35474

Name of the Vulnerable Software and Affected Versions iceice666 ResourcePack Server versions prior to 1.0.8

Description A Directory Traversal issue allows a remote attacker to disclose files on the server. The issue is related to the setPath in ResourcePackFileServer.kt.

Recommendations For versions prior to 1.0.8, update to version 1.0.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the setPath function in ResourcePackFileServer.kt to minimize the risk of exploitation.