CVE: CVE-2023-39680
Deserialization of untrusted data exists in Unicopia mod for Minecraf by Sollace up to and including version 1.1.1. Unsafe Java deserialization occurs after a user's client connects to a malicious server. This is fixed in version 1.2.0. (See the fix commit)
CVSS3.1: 7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H