Packagist (Composer) package
pocketmine/pocketmine-mp
pkg:composer/pocketmine/pocketmine-mp
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-7332 | Hig | — | < 4.18.1 | 4.18.1 | Dec 31, 2025 | PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server cr |
- affected < 4.18.1fixed 4.18.1
PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server cr