CVE-2021-35054

CVE-2021-35054

EPSS 1.4%

Minecraft before 1.17.1, when online-mode=false is configured, allows path traversal for deletion of arbitrary JSON files.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://jvn.jp/en/jp/JVN53278122/index.html https://vuln.ryotak.me/advisories/55 https://www.minecraft.net/en-us/article/minecraft-java-edition-1-16-5