CVE-2023-35925
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-35925
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-35925.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-35925
- Aliases
- Related
- Published
- 2023-06-23T16:15:09Z
- Modified
- 2025-07-01T14:57:49.433976Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
FastAsyncWorldEdit (FAWE) is designed for efficient world editing. This vulnerability enables the attacker to select a region with the
Infinitykeyword (case-sensitive!) and executes any operation. This has a possibility of bringing the performing server down. This issue has been fixed in version 2.6.3. - References
Affected packages
Git / github.com/intellectualsites/fastasyncworldedit
Affected ranges
- Type
- GIT
- Repo
- https://github.com/intellectualsites/fastasyncworldedit
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.10
0.11
0.12
0.13
0.13.1
0.13.2
0.4
0.5-b100
0.5-b104
0.6
0.7
0.8
0.8.1
0.8.2
0.8.3
0.9
1.*
1.15-1.17
1.5
2.*
2.0
2.0.0
2.0.1
2.0.2
2.1
2.1.0
2.1.2
2.10
2.11
2.12
2.13
2.14
2.14.1
2.14.2
2.15
2.15.2
2.2
2.2.0
2.2.1
2.3
2.3.0
2.3.1
2.3.2
2.3.3
2.3.4
2.4
2.4.0
2.4.1
2.4.10
2.4.2
2.4.3
2.4.4
2.4.6
2.4.7
2.4.8
2.4.9
2.5
2.5.0
2.5.1
2.5.2
2.5.3
2.6
2.6.0
2.6.1
2.6.2
2.7
2.7.2
2.8
2.9
3.*
3.0
3.1
3.2
3.2.1
3.2.2
4.*
4.0-beta1
4.0-beta2
4.0-beta3
4.0-beta4
4.0-beta5
4.0-beta6
4.0-beta7
4.0-beta8
4.1
4.2
4.3
4.4.1
4.4.2
4.5
4.6
4.7
4.8-SNAPSHOT
5.*
5.0
5.1
5.1-SNAPSHOT
5.2
5.3
5.3-SNAPSHOT
5.4
5.4.1
5.4.2
5.4.3
5.4.4
5.4.5
5.5
5.5.1
5.5.2
5.5.3
5.5.4
5.5.5
5.5.6
5.5.7
5.5.8
5.6
5.6.1
6.*
6.0
6.0-beta-01
6.0.1
6.1
7.*
7.0.0
7.0.1
Other
hmod