Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FastAsyncWorldEdit vulnerable to Uncontrolled Resource Consumption
Vulnerability Description
FastAsyncWorldEdit (FAWE) is designed for efficient world editing. This vulnerability enables the attacker to select a region with the `Infinity` keyword (case-sensitive!) and executes any operation. This has a possibility of bringing the performing server down. This issue has been fixed in version 2.6.3.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
FastAsyncWorldEdit 资源管理错误漏洞
Vulnerability Description
FastAsyncWorldEdit是WorldEdit 的一个分支,具有巨大的速度和内存改进以及更多的功能。 FastAsyncWorldEdit (FAWE) 2.6.3之前版本存在资源管理错误漏洞,该漏洞源于允许攻击者选择具有Infinity关键字硕玮区域并执行任意操作。
CVSS Information
N/A
Vulnerability Type
N/A