Skip to content

Instantly share code, notes, and snippets.

@apple502j

apple502j/unicopia-advisory.md

Created October 16, 2023 09:42
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save apple502j/4ab77291c98e45f4a5bf780c8eda8afa to your computer and use it in GitHub Desktop.
Save apple502j/4ab77291c98e45f4a5bf780c8eda8afa to your computer and use it in GitHub Desktop.
Download ZIP
Raw
unicopia-advisory.md

Unicopia Mod Security Advisory

CVE: CVE-2023-39680

Deserialization of untrusted data exists in Unicopia mod for Minecraf by Sollace up to and including version 1.1.1. Unsafe Java deserialization occurs after a user's client connects to a malicious server. This is fixed in version 1.2.0. (See the fix commit)

CVSS3.1: 7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment