Xwhylophone
AAdmincraft
•Created by Xwhylophone on 7/30/2023 in #questions
Can an unmodded paper server be affected by unsafe deserialization on modded clients?
I recently was sent a link to github describing a security vulnerability in many mods that if exploited allowed for arbitrary remote code execution on servers and clients. I run a paper server that is completely unmodded, but I'm also not familiar enough with java to know if the exploit could pose an issue to an unmodded server hosting clients with affected client-side mods. Here is the link to the github page: https://github.com/dogboy21/serializationisbad Any help would be very much appreciated.
6 replies