Vendor
Mojang
Products
2
CVEs
2
Across products
2
Status
Private
Products
2- 1 CVE
- 1 CVE
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-23884 | Cri | 0.64 | 9.8 | 0.03 | Mar 28, 2022 | Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound check bypass caused by PurchaseReceiptPacket::_read (packet deserializer). | ||
| CVE-2021-35054 | Hig | 0.49 | 7.5 | 0.01 | Jul 20, 2021 | Minecraft before 1.17.1, when online-mode=false is configured, allows path traversal for deletion of arbitrary JSON files. |
- risk 0.64cvss 9.8epss 0.03
Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound check bypass caused by PurchaseReceiptPacket::_read (packet deserializer).
- risk 0.49cvss 7.5epss 0.01
Minecraft before 1.17.1, when online-mode=false is configured, allows path traversal for deletion of arbitrary JSON files.