CVE-2023-35925
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Jun 23, 2023
Updated: Jul 3, 2023
CWE ID 400
Summary
CVE-2023-35925 affects FastAsyncWorldEdit (FAWE), a tool for efficient world editing in Minecraft servers. The vulnerability allows an attacker to use the `Infinity` keyword to select an unlimited region, potentially leading to server instability or crashes by executing arbitrary operations within it. This issue has been rectified in FAWE version 2.6.3.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share