5.3
CVE-2024-41565
- EPSS 0.12%
- Veröffentlicht 28.08.2024 17:15:10
- Zuletzt bearbeitet 19.03.2025 15:15:48
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginJustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JEI for Minecraft, which allows in-game item duplication.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mezz ≫ Justenoughitems SwPlatformminecraft Version < 11.6.0.1021
Mezz ≫ Justenoughitems SwPlatformminecraft Version >= 12.0.0 < 13.1.0.18
Mezz ≫ Justenoughitems SwPlatformminecraft Version >= 14.0.0 < 15.8.0.11
Mezz ≫ Justenoughitems SwPlatformminecraft Version >= 16.0.0 < 19.5.0.34
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.323 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
| cve@mitre.org | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.