Medium severity6.2NVD Advisory· Published Jun 23, 2023· Updated Jun 17, 2026
CVE-2023-35925
CVE-2023-35925
Description
FastAsyncWorldEdit (FAWE) is designed for efficient world editing. This vulnerability enables the attacker to select a region with the Infinity keyword (case-sensitive!) and executes any operation. This has a possibility of bringing the performing server down. This issue has been fixed in version 2.6.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.fastasyncworldedit:FastAsyncWorldEdit-CoreMaven | < 2.6.3 | 2.6.3 |
com.fastasyncworldedit:FastAsyncWorldEdit-BukkitMaven | < 2.6.3 | 2.6.3 |
Affected products
3- ghsa-coords2 versionspkg:maven/com.fastasyncworldedit/FastAsyncWorldEdit-Bukkitpkg:maven/com.fastasyncworldedit/FastAsyncWorldEdit-Core
< 2.6.3+ 1 more
- (no CPE)range: < 2.6.3
- (no CPE)range: < 2.6.3
- Range: < 2.6.3
Patches
Vulnerability mechanics
References
5- github.com/IntellectualSites/FastAsyncWorldEdit/pull/2285nvdPatchWEB
- github.com/IntellectualSites/FastAsyncWorldEdit/security/advisories/GHSA-whj9-m24x-qhhpnvdVendor AdvisoryWEB
- github.com/advisories/GHSA-whj9-m24x-qhhpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-35925ghsaADVISORY
- github.com/IntellectualSites/FastAsyncWorldEdit/releases/tag/2.6.3nvdRelease NotesWEB
News mentions
0No linked articles in our index yet.