Minetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Minetest | Minetest | * | 5.4.0 (excluding) |
Minetest | Ubuntu | bionic | * |
Minetest | Ubuntu | impish | * |
Minetest | Ubuntu | trusty | * |
Minetest | Ubuntu | upstream | * |
Minetest | Ubuntu | xenial | * |