CVE-2024-41565

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions JustEnoughItems (JEI) versions 19.5.0.33 and before

Description The issue is related to an Improper Validation of Specified Index, Position, or Offset in Input, specifically a failure to validate slot index in JEI for Minecraft. This allows in-game item duplication.

Recommendations For JustEnoughItems (JEI) versions 19.5.0.33 and before, consider disabling the slot index validation feature until a patch is available. Restrict access to the JEI module to minimize the risk of exploitation. Avoid using the slot index variable in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Validation of Array Index

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-129CWE-20

Related Identifiers

CVE-2024-41565

Affected Products

Justenoughitems

CVE-2024-41565

Weakness Enumeration

Related Identifiers

Affected Products

References · 10