Описание
Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection.
Ссылки
- Mailing ListPatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListPatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.4.0 (исключая)
cpe:2.3:a:minetest:minetest:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00714
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
CVSS3: 9.8
ubuntu
около 4 лет назад
Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection.
CVSS3: 9.8
debian
около 4 лет назад
Minetest before 5.4.0 allows attackers to add or modify arbitrary meta ...
CVSS3: 9.8
github
почти 4 года назад
Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection.
EPSS
Процентиль: 72%
0.00714
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-Other