Directory Traversal vulnerability in Kihron ServerRPExposer v.1.0.2 and before allows a remote attacker to execute arbitrary code via the loadServerPack in ServerResourcePackProviderMixin.java.
[
{
"id": "CVE-2024-22779-1b5fc8b5",
"target": {
"file": "src/main/java/com/kihron/serverrpexposer/mixins/ServerResourcePackProviderMixin.java"
},
"signature_version": "v1",
"source": "https://github.com/kihron/serverrpexposer/commit/8f7b829df633f59e828d677f736c53652d6f1b8f",
"signature_type": "Line",
"digest": {
"line_hashes": [
"172907947846973739225486654491908463847",
"169339702739663634657435148195649668737",
"27944832001892353806432056833826041660",
"89200089313113562177780427530136599996"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-22779-79bf69e4",
"target": {
"function": "loadServerPack",
"file": "src/main/java/com/kihron/serverrpexposer/mixins/ServerResourcePackProviderMixin.java"
},
"signature_version": "v1",
"source": "https://github.com/kihron/serverrpexposer/commit/8f7b829df633f59e828d677f736c53652d6f1b8f",
"signature_type": "Function",
"digest": {
"function_hash": "121567705243012172053939970764529764805",
"length": 1398.0
},
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-22779.json"
"2026-04-12T08:03:54Z"
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.0.2"
}
]
}
]