{"id":"CVE-2024-22779","details":"Directory Traversal vulnerability in Kihron ServerRPExposer v.1.0.2 and before allows a remote attacker to execute arbitrary code via the loadServerPack in ServerResourcePackProviderMixin.java.","modified":"2026-04-12T08:03:54.864926Z","published":"2024-02-02T02:15:17.890Z","references":[{"type":"WEB","url":"https://modrinth.com/mod/serverrpexposer"},{"type":"FIX","url":"https://github.com/Kihron/ServerRPExposer/commit/8f7b829df633f59e828d677f736c53652d6f1b8f"},{"type":"EVIDENCE","url":"https://gist.github.com/apple502j/193358682885fe1a6708309ce934e4ed"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kihron/serverrpexposer","events":[{"introduced":"0"},{"fixed":"8f7b829df633f59e828d677f736c53652d6f1b8f"}]},{"type":"GIT","repo":"https://github.com/kihron/serverrpexposer","events":[{"introduced":"0"},{"fixed":"8f7b829df633f59e828d677f736c53652d6f1b8f"}]}],"database_specific":{"vanir_signatures":[{"signature_type":"Line","source":"https://github.com/kihron/serverrpexposer/commit/8f7b829df633f59e828d677f736c53652d6f1b8f","target":{"file":"src/main/java/com/kihron/serverrpexposer/mixins/ServerResourcePackProviderMixin.java"},"digest":{"threshold":0.9,"line_hashes":["172907947846973739225486654491908463847","169339702739663634657435148195649668737","27944832001892353806432056833826041660","89200089313113562177780427530136599996"]},"deprecated":false,"id":"CVE-2024-22779-1b5fc8b5","signature_version":"v1"},{"signature_type":"Function","source":"https://github.com/kihron/serverrpexposer/commit/8f7b829df633f59e828d677f736c53652d6f1b8f","target":{"function":"loadServerPack","file":"src/main/java/com/kihron/serverrpexposer/mixins/ServerResourcePackProviderMixin.java"},"digest":{"function_hash":"121567705243012172053939970764529764805","length":1398},"deprecated":false,"id":"CVE-2024-22779-79bf69e4","signature_version":"v1"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-22779.json","vanir_signatures_modified":"2026-04-12T08:03:54Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.0.2"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}