Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1251 vulnerabilities reference this CWE, most recent first.

GHSA-R44W-PFX8-28JV

Vulnerability from github – Published: 2022-12-14 21:30 – Updated: 2025-04-21 22:51
VLAI
Summary
"Newsletter subscriber management" (fp_newsletter) TYPO3 extension leaks subscriber data
Details

An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "fixpunkt/fp-newsletter"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "fixpunkt/fp-newsletter"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.2.0"
            },
            {
              "fixed": "2.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "fixpunkt/fp-newsletter"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.2.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-47411"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-04-21T22:51:45Z",
    "nvd_published_at": "2022-12-14T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations.",
  "id": "GHSA-r44w-pfx8-28jv",
  "modified": "2025-04-21T22:51:45Z",
  "published": "2022-12-14T21:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-47411"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/bihor/fp_newsletter"
    },
    {
      "type": "WEB",
      "url": "https://typo3.org/security/advisory/typo3-ext-sa-2022-017"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": " \"Newsletter subscriber management\" (fp_newsletter) TYPO3 extension leaks subscriber data"
}

GHSA-R4XQ-54V8-4C6Q

Vulnerability from github – Published: 2022-06-15 00:00 – Updated: 2022-06-23 00:00
VLAI
Details

Fast Food Ordering System v1.0 is vulnerable to Delete any file. via /ffos/classes/Master.php?f=delete_img.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-32328"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-14T16:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Fast Food Ordering System v1.0 is vulnerable to Delete any file. via /ffos/classes/Master.php?f=delete_img.",
  "id": "GHSA-r4xq-54v8-4c6q",
  "modified": "2022-06-23T00:00:22Z",
  "published": "2022-06-15T00:00:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32328"
    },
    {
      "type": "WEB",
      "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/fast-food-ordering-system/delet-file-1.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R527-QPPG-G2JQ

Vulnerability from github – Published: 2022-04-17 00:00 – Updated: 2022-04-27 00:00
VLAI
Details

Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details (such as the username and GUID of an administrator).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-26653"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-16T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details (such as the username and GUID of an administrator).",
  "id": "GHSA-r527-qppg-g2jq",
  "modified": "2022-04-27T00:00:29Z",
  "published": "2022-04-17T00:00:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26653"
    },
    {
      "type": "WEB",
      "url": "https://raxis.com/blog/cve-2022-26653-and-cve-2022-26777"
    },
    {
      "type": "WEB",
      "url": "https://www.manageengine.com/remote-desktop-management/advisory/cve-2022-26653.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R5C3-3MF2-X8C7

Vulnerability from github – Published: 2022-06-03 00:01 – Updated: 2024-03-27 15:30
VLAI
Details

libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without Public Suffix Listawareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-27779"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-201",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-02T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl\u0027s \"cookie engine\" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.",
  "id": "GHSA-r5c3-3mf2-x8c7",
  "modified": "2024-03-27T15:30:35Z",
  "published": "2022-06-03T00:01:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27779"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1553301"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202212-01"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220609-0009"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R62C-GW4M-R5QJ

Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-05-24 19:20
VLAI
Details

Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-3380"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-639",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-10T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality.",
  "id": "GHSA-r62c-gw4m-r5qj",
  "modified": "2022-05-24T19:20:16Z",
  "published": "2022-05-24T19:20:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3380"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/49508"
    },
    {
      "type": "WEB",
      "url": "http://height8.com"
    },
    {
      "type": "WEB",
      "url": "http://icrem.com"
    },
    {
      "type": "WEB",
      "url": "http://www.height8tech.com/carrier-grade-OSS-BSS.php"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R67Q-RJQ6-8HP6

Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-07-13 00:01
VLAI
Details

In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-38587"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-11T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586).",
  "id": "GHSA-r67q-rjq6-8hp6",
  "modified": "2022-07-13T00:01:35Z",
  "published": "2022-05-24T19:11:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38587"
    },
    {
      "type": "WEB",
      "url": "https://docs.cpanel.net/changelogs/96-change-log"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R7VR-M4JW-R794

Vulnerability from github – Published: 2026-04-09 12:31 – Updated: 2026-06-05 14:27
VLAI
Summary
Apache Airflow has an authorization bypass in DagRun wait endpoint
Details

Apache Airflow versions 3.0.0 through 3.1.8 DagRun wait endpoint returns XCom result values even to users who only have DAG Run read permissions, such as the Viewer role.This behavior conflicts with the FAB RBAC model, which treats XCom as a separate protected resource, and with the security model documentation that defines the Viewer role as read-only.

Airflow uses the FAB Auth Manager to manage access control on a per-resource basis. The Viewer role is intended to be read-only by default, and the security model documentation defines Viewer users as those who can inspect DAGs without accessing sensitive execution results.

Users are recommended to upgrade to Apache Airflow 3.2.0 which resolves this issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "apache-airflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.2.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-34538"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-10T19:31:47Z",
    "nvd_published_at": "2026-04-09T10:16:22Z",
    "severity": "MODERATE"
  },
  "details": "Apache Airflow versions 3.0.0 through 3.1.8 DagRun wait endpoint returns XCom result values even to users who only have DAG Run read permissions, such as the Viewer role.This behavior conflicts with the FAB RBAC model, which treats XCom as a separate protected resource, and with the security model documentation that defines the Viewer role as read-only.\n\nAirflow uses the FAB Auth Manager to manage access control on a per-resource basis. The Viewer role is intended to be read-only by default, and the security model documentation defines Viewer users as those who can inspect DAGs without accessing sensitive execution results.\n\nUsers are recommended to upgrade to Apache Airflow 3.2.0 which resolves this issue.",
  "id": "GHSA-r7vr-m4jw-r794",
  "modified": "2026-06-05T14:27:15Z",
  "published": "2026-04-09T12:31:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34538"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/airflow/pull/64415"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/airflow"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/airflow/releases/tag/3.2.0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2026-21.yaml"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/9mq3msqhmgjwdzbr6bgthj4brb3oz9fl"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/04/09/9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Airflow has an authorization bypass in DagRun wait endpoint"
}

GHSA-R858-V5C8-GXQ7

Vulnerability from github – Published: 2023-11-13 21:30 – Updated: 2023-11-13 21:30
VLAI
Details

Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-42549"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-07T08:15:22Z",
    "severity": "MODERATE"
  },
  "details": "Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.",
  "id": "GHSA-r858-v5c8-gxq7",
  "modified": "2023-11-13T21:30:57Z",
  "published": "2023-11-13T21:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42549"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023\u0026month=11"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R8RW-G922-J95J

Vulnerability from github – Published: 2022-01-19 00:01 – Updated: 2023-08-08 15:31
VLAI
Details

In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39892"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-18T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don\u0027t have a maintainer role on and disclose email addresses of those users.",
  "id": "GHSA-r8rw-g922-j95j",
  "modified": "2023-08-08T15:31:37Z",
  "published": "2022-01-19T00:01:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39892"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/542539"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39892.json"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/28440"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R8VP-6R8V-9X9X

Vulnerability from github – Published: 2022-03-11 00:02 – Updated: 2022-03-19 00:01
VLAI
Details

Citrix Federated Authentication Service (FAS) 7.17 - 10.6 causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module (TPM) to incorrectly store that key in the Microsoft Software Key Storage Provider (MSKSP). This issue only occurs if PowerShell was used when configuring FAS to store the registration authority certificate’s private key in the TPM. It does not occur if the TPM was not selected for use or if the FAS administration console was used for configuration.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-26355"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-10T17:47:00Z",
    "severity": "MODERATE"
  },
  "details": "Citrix Federated Authentication Service (FAS) 7.17 - 10.6 causes deployments that have been configured to store a registration authority certificate\u0027s private key in a Trusted Platform Module (TPM) to incorrectly store that key in the Microsoft Software Key Storage Provider (MSKSP). This issue only occurs if PowerShell was used when configuring FAS to store the registration authority certificate\u2019s private key in the TPM. It does not occur if the TPM was not selected for use or if the FAS administration console was used for configuration.",
  "id": "GHSA-r8vp-6r8v-9x9x",
  "modified": "2022-03-19T00:01:29Z",
  "published": "2022-03-11T00:02:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26355"
    },
    {
      "type": "WEB",
      "url": "https://support.citrix.com/article/CTX341587"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.