216.73.216.133

CVE-2023-7332

· Published 31/12/2025 22:15 · Modified 31/12/2025 22:15

Labels: CVE-2023-7332 2025-12-31CVE-2023-7332CWE-1284[email protected]

Essential information

Published
31/12/2025 22:15
Modified
31/12/2025 22:15
Author
Creator
CVSS
7.1 HIGH (v3) 7.1 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting in denial of service.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
pocketmine / pocketmine-mp cpe:2.3:a:pocketmine:pocketmine-mp:<4.18.1:*:*:*:*:*:*:*

References