PT-2024-30110 · Mojang · Minecraft

Shedaniel

Published

2024-08-28

Updated

2024-09-19

CVE-2024-42698

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Roughly Enough Items (REI) versions 16.0.729 and before

Description The issue is related to a failure to validate slot index and decrement stack count in the Roughly Enough Items (REI) mod for Minecraft, allowing in-game item duplication. This is due to an Improper Validation of Specified Index, Position, or Offset in Input. A remote attack can cause a range error in the Item Handler.

Recommendations For versions 16.0.729 and before, update to a version that contains a fix for this issue to prevent in-game item duplication. As a temporary workaround, consider restricting the use of the Item Handler to minimize the risk of exploitation.

Fix

Improper Validation of Array Index

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-129

Related Identifiers

CVE-2024-42698

Affected Products

Minecraft

PT-2024-30110 · Mojang · Minecraft

CVE-2024-42698

Weakness Enumeration

Related Identifiers

Affected Products

References · 10