pocketmine/pocketmine-mp Security Advisories for 5.20.1 (2)
-
[HIGH] PocketMine-MP `ResourcePackDataInfoPacket` amplification vulnerability due to lack of resource pack sequence status checking
PKSA-gsjv-vrbx-n6br GHSA-fqqv-56h5-f57g
Affected version: <5.32.1
Reported by:
GitHub -
[MEDIUM] PocketMine-MP allows malicious client data to waste server resources due to lack of limits for explode()
PKSA-1y47-vhgh-zq2y GHSA-g274-c6jj-h78p
Affected version: <5.25.2
Reported by:
GitHub