CVE-2024-30249 Information

Description

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to 1.0.0.CR1-20240330.101522-15 impacts publicly accessible software depending on the affected versions of Network and allows an attacker to use Network as an amplification vector for a UDP denial of service attack against a third party or as an attempt to trigger service suspension of the host. All consumers of the library should upgrade to at least version 1.0.0.CR1-20240330.101522-15 to receive a fix. There are no known workarounds beyond updating the library.

Reference

https://github.com/CloudburstMC/Network/security/advisories/GHSA-6h3m-c6fv-8hvh