← back
CVE-2022-24300

CVE-2022-24300

EPSS 1.7%
Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.debian.org/1004223https://github.com/minetest/minetest/commit/b5956bde259faa240a81060ff4e598e25ad52daehttps://github.com/minetest/minetest/security/advisories/GHSA-hwj2-xf72-r4cfhttps://www.debian.org/security/2022/dsa-5075