de.gurkenlabs:litiengine@0.5.0 vulnerabilities
-
latest version
0.8.0
-
latest non vulnerable version
-
first published
7 years ago
-
latest version published
4 months ago
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the de.gurkenlabs:litiengine package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
de.gurkenlabs:litiengine is a pure 2D free java game engine. Written in plain Java 8 it provides all the infrastructure to create a 2D tile based java game, be it a platformer or a top-down adventure. Affected versions of this package are vulnerable to Deserialization of Untrusted Data. An attacker can supply any instance of Serializable to MessagePacket and it would deserialize it without any checks. This could allow a remote attacker to execute arbitrary code if the classpath contains vulnerable serializable classes. How to fix Deserialization of Untrusted Data? Upgrade |
[0,0.5.1)
|
de.gurkenlabs:litiengine is a pure 2D free java game engine. Written in plain Java 8 it provides all the infrastructure to create a 2D tile based java game, be it a platformer or a top-down adventure. Affected versions of this package are vulnerable to Insecure Randomness. The client IDs in ClientConnection are sequential. This easily allows an attacker to spoof another player's ID. How to fix Insecure Randomness? Upgrade |
[0,0.5.1)
|
de.gurkenlabs:litiengine is a pure 2D free java game engine. Written in plain Java 8 it provides all the infrastructure to create a 2D tile based java game, be it a platformer or a top-down adventure. Affected versions of this package are vulnerable to Improper Input Validation. The How to fix Improper Input Validation? Upgrade |
[0,0.5.1)
|