Server does not validate ServerboundUseItemOnPacket packet block hit vector

The bug

The server does not validate the block hit vector of ServerboundUseItemOnPacket (20w07a Mojang name) packets (there are other packets where at least basic Floats.isFinite validation is missing as well).
The values should probably range from 0 to 1 with some tolerance for rounding artifacts, however currently any value is allowed.

Possible exploits

• Creating firework rocket entities at arbitrary positions
• ...?