CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1251 vulnerabilities reference this CWE, most recent first.
GHSA-VXJX-P5M9-Q5FR
Vulnerability from github – Published: 2021-11-25 00:00 – Updated: 2022-07-13 00:01Azure Active Directory Information Disclosure Vulnerability
{
"affected": [],
"aliases": [
"CVE-2021-42306"
],
"database_specific": {
"cwe_ids": [
"CWE-522",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-24T01:15:00Z",
"severity": "MODERATE"
},
"details": "Azure Active Directory Information Disclosure Vulnerability",
"id": "GHSA-vxjx-p5m9-q5fr",
"modified": "2022-07-13T00:01:42Z",
"published": "2021-11-25T00:00:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42306"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42306"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VXMC-QG5X-PVFX
Vulnerability from github – Published: 2022-12-14 21:30 – Updated: 2025-04-21 22:51An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "fixpunkt/fp-newsletter"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "fixpunkt/fp-newsletter"
},
"ranges": [
{
"events": [
{
"introduced": "1.2.0"
},
{
"fixed": "2.1.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "fixpunkt/fp-newsletter"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.2.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-47410"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2025-04-21T22:51:49Z",
"nvd_published_at": "2022-12-14T21:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations.",
"id": "GHSA-vxmc-qg5x-pvfx",
"modified": "2025-04-21T22:51:49Z",
"published": "2022-12-14T21:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-47410"
},
{
"type": "PACKAGE",
"url": "https://github.com/bihor/fp_newsletter"
},
{
"type": "WEB",
"url": "https://typo3.org/security/advisory/typo3-ext-sa-2022-017"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": " \"Newsletter subscriber management\" (fp_newsletter) TYPO3 extension leaks subscriber data"
}
GHSA-VXMX-VJ5X-4642
Vulnerability from github – Published: 2022-07-18 00:00 – Updated: 2022-07-19 00:00Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.
{
"affected": [],
"aliases": [
"CVE-2022-25357"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-17T21:15:00Z",
"severity": "MODERATE"
},
"details": "Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.",
"id": "GHSA-vxmx-vj5x-4642",
"modified": "2022-07-19T00:00:28Z",
"published": "2022-07-18T00:00:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25357"
},
{
"type": "WEB",
"url": "https://docs.pexip.com/admin/security_bulletins.htm#CVE-2022-25357"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VXP2-RM45-4PJG
Vulnerability from github – Published: 2021-11-17 19:13 – Updated: 2022-05-12 00:01PSP protection against improperly configured side channels may lead to potential information disclosure. This issue affects: AMD 1st Gen AMD EPYC™ versions prior to NaplesPI-SP3_1.0.0.G. AMD 2nd Gen AMD EPYC™ versions prior to RomePI-SP3_1.0.0.C. AMD 3rd Gen AMD EPYC™ versions prior to MilanPI-SP3_1.0.0.4.
{
"affected": [],
"aliases": [
"CVE-2021-26312"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-16T18:15:00Z",
"severity": "MODERATE"
},
"details": "PSP protection against improperly configured side channels may lead to potential information disclosure. This issue affects: AMD 1st Gen AMD EPYC\u2122 versions prior to NaplesPI-SP3_1.0.0.G. AMD 2nd Gen AMD EPYC\u2122 versions prior to RomePI-SP3_1.0.0.C. AMD 3rd Gen AMD EPYC\u2122 versions prior to MilanPI-SP3_1.0.0.4.",
"id": "GHSA-vxp2-rm45-4pjg",
"modified": "2022-05-12T00:01:44Z",
"published": "2021-11-17T19:13:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26312"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1028"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-W23Q-4HW3-2PP6
Vulnerability from github – Published: 2023-09-06 18:43 – Updated: 2023-09-06 18:43Impact
All users on Windows are impacted. MinIO fails to filter the \ character, which allows for arbitrary object placement across
buckets. As a result, a user with low privileges, such as an access key, service account, or STS credential, which only has permission to PutObject in a specific bucket, can create an admin user.
Patches
There are two patches that fix this problem comprehensively
commit b3c54ec81e0a06392abfb3a1ffcdc80c6fbf6ebc
Author: Harshavardhana <harsha@minio.io>
Date: Mon Mar 20 13:16:00 2023 -0700
reject object names with '\' on windows (#16856)
commit 8d6558b23649f613414c8527b58973fbdfa4d1b8
Author: Harshavardhana <harsha@minio.io>
Date: Mon Mar 20 00:35:25 2023 -0700
fix: convert '\' to '/' on windows (#16852)
Workarounds
There are no known workarounds
References
The vulnerable code:
// minio/cmd/generic-handlers.go
// Check if the incoming path has bad path components,
// such as ".." and "."
// SlashSeparator -> /
// dotdotComponent -> ..
// dotComponent -> .
func hasBadPathComponent(path string) bool {
path = strings.TrimSpace(path)
for _, p := range strings.Split(path, SlashSeparator) {
switch strings.TrimSpace(p) {
case dotdotComponent:
return true
case dotComponent:
return true
}
}
return false
}
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/minio/minio"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.0-202303200735"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-28433"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2023-09-06T18:43:13Z",
"nvd_published_at": "2023-03-22T21:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nAll users on Windows are impacted. MinIO fails to filter the `\\` character, which allows for arbitrary object placement across\nbuckets. As a result, a user with low privileges, such as an access key, service account, or STS credential, which only has permission to `PutObject` in a specific bucket, can create an admin user.\n\n### Patches\nThere are two patches that fix this problem comprehensively\n\n```\ncommit b3c54ec81e0a06392abfb3a1ffcdc80c6fbf6ebc\nAuthor: Harshavardhana \u003charsha@minio.io\u003e\nDate: Mon Mar 20 13:16:00 2023 -0700\n\n reject object names with \u0027\\\u0027 on windows (#16856)\n```\n\n```\ncommit 8d6558b23649f613414c8527b58973fbdfa4d1b8\nAuthor: Harshavardhana \u003charsha@minio.io\u003e\nDate: Mon Mar 20 00:35:25 2023 -0700\n\n fix: convert \u0027\\\u0027 to \u0027/\u0027 on windows (#16852)\n```\n\n### Workarounds\nThere are no known workarounds\n\n### References\nThe vulnerable code:\n```go\n// minio/cmd/generic-handlers.go\n// Check if the incoming path has bad path components,\n// such as \"..\" and \".\"\n// SlashSeparator -\u003e /\n// dotdotComponent -\u003e ..\n// dotComponent -\u003e .\nfunc hasBadPathComponent(path string) bool {\n path = strings.TrimSpace(path)\n for _, p := range strings.Split(path, SlashSeparator) {\n switch strings.TrimSpace(p) {\n case dotdotComponent:\n return true\n case dotComponent:\n return true\n }\n }\n return false\n}\n```\n",
"id": "GHSA-w23q-4hw3-2pp6",
"modified": "2023-09-06T18:43:13Z",
"published": "2023-09-06T18:43:13Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/minio/minio/security/advisories/GHSA-w23q-4hw3-2pp6"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28433"
},
{
"type": "WEB",
"url": "https://github.com/minio/minio/commit/8d6558b23649f613414c8527b58973fbdfa4d1b8"
},
{
"type": "WEB",
"url": "https://github.com/minio/minio/commit/b3c54ec81e0a06392abfb3a1ffcdc80c6fbf6ebc"
},
{
"type": "PACKAGE",
"url": "https://github.com/minio/minio"
},
{
"type": "WEB",
"url": "https://github.com/minio/minio/releases/tag/RELEASE.2023-03-20T20-16-18Z"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Minio vulnerable to Privilege Escalation on Windows via Path separator manipulation"
}
GHSA-W2FX-FP33-FVMP
Vulnerability from github – Published: 2022-05-24 19:08 – Updated: 2022-07-13 00:01IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local privileged user. IBM X-Force ID: 197980.
{
"affected": [],
"aliases": [
"CVE-2021-20500"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-15T18:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local privileged user. IBM X-Force ID: 197980.",
"id": "GHSA-w2fx-fp33-fvmp",
"modified": "2022-07-13T00:01:04Z",
"published": "2022-05-24T19:08:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20500"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/197980"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6471895"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-W2GJ-35CX-6H66
Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump.
{
"affected": [],
"aliases": [
"CVE-2021-22454"
],
"database_specific": {
"cwe_ids": [
"CWE-668",
"CWE-674"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-28T13:15:00Z",
"severity": "MODERATE"
},
"details": "A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump.",
"id": "GHSA-w2gj-35cx-6h66",
"modified": "2022-05-24T19:19:09Z",
"published": "2022-05-24T19:19:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22454"
},
{
"type": "WEB",
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202107-0000001123874808"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-W2RF-V2FH-5MJH
Vulnerability from github – Published: 2023-06-07 18:30 – Updated: 2024-04-04 04:39An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. It was possible to disclose issue notes to an unauthorized user at project export.
{
"affected": [],
"aliases": [
"CVE-2023-1825"
],
"database_specific": {
"cwe_ids": [
"CWE-201",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-07T17:15:09Z",
"severity": "MODERATE"
},
"details": "An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. It was possible to disclose issue notes to an unauthorized user at project export.",
"id": "GHSA-w2rf-v2fh-5mjh",
"modified": "2024-04-04T04:39:31Z",
"published": "2023-06-07T18:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1825"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1825.json"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/384035"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-W2V4-MPJ8-9X8M
Vulnerability from github – Published: 2022-04-21 01:50 – Updated: 2022-04-21 01:50Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.
{
"affected": [],
"aliases": [
"CVE-2008-2544"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-27T13:15:00Z",
"severity": "MODERATE"
},
"details": "Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.",
"id": "GHSA-w2v4-mpj8-9x8m",
"modified": "2022-04-21T01:50:56Z",
"published": "2022-04-21T01:50:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2544"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=213135"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-W2XC-2255-85HM
Vulnerability from github – Published: 2022-05-24 17:13 – Updated: 2022-07-13 00:00This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks.
{
"affected": [],
"aliases": [
"CVE-2020-3917"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-01T18:15:00Z",
"severity": "MODERATE"
},
"details": "This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks.",
"id": "GHSA-w2xc-2255-85hm",
"modified": "2022-07-13T00:00:51Z",
"published": "2022-05-24T17:13:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3917"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT211101"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT211102"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT211103"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.