Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1248 vulnerabilities reference this CWE, most recent first.

GHSA-4F8G-FQ6X-JQRR

Vulnerability from github – Published: 2023-04-12 20:34 – Updated: 2023-04-16 07:16
VLAI
Summary
org.xwiki.platform:xwiki-platform-oldcore vulnerable to data leak through deleted documents
Details

Impact

Rights added to a document are not taken into account for viewing it once it's deleted. Note that this vulnerability only impact deleted documents that where containing view rights: the view rights provided on a space of a deleted document are properly checked.

Patches

The problem has been patched in XWiki 14.10 by checking the rights of current user: only admin and deleter of the document are allowed to view it.

Workarounds

There is no workaround for this vulnerability other than upgrading.

References

  • Jira ticket: https://jira.xwiki.org/browse/XWIKI-16285
  • Commit: https://github.com/xwiki/xwiki-platform/commit/d9e947559077e947315bf700c5703dfc7dd8a8d7

For more information

If you have any questions or comments about this advisory: * Open an issue in Jira * Email us at security ML

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.xwiki.platform:xwiki-platform-oldcore"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.2-milestone-1"
            },
            {
              "fixed": "13.10.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.xwiki.platform:xwiki-platform-oldcore"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "14.0-rc-1"
            },
            {
              "fixed": "14.4.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.xwiki.platform:xwiki-platform-oldcore"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "14.5"
            },
            {
              "fixed": "14.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-29208"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-04-12T20:34:55Z",
    "nvd_published_at": "2023-04-15T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nRights added to a document are not taken into account for viewing it once it\u0027s deleted. Note that this vulnerability only impact deleted documents that where containing view rights: the view rights provided on a space of a deleted document are properly checked.\n\n### Patches\n\nThe problem has been patched in XWiki 14.10 by checking the rights of current user: only admin and deleter of the document are allowed to view it.\n\n### Workarounds\n\nThere is no workaround for this vulnerability other than upgrading.\n\n### References\n\n  * Jira ticket: https://jira.xwiki.org/browse/XWIKI-16285\n  * Commit: https://github.com/xwiki/xwiki-platform/commit/d9e947559077e947315bf700c5703dfc7dd8a8d7\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Jira](https://jira.xwiki.org)\n* Email us at [security ML](mailto:security@xwiki.org)\n",
  "id": "GHSA-4f8g-fq6x-jqrr",
  "modified": "2023-04-16T07:16:53Z",
  "published": "2023-04-12T20:34:55Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4f8g-fq6x-jqrr"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29208"
    },
    {
      "type": "WEB",
      "url": "https://github.com/xwiki/xwiki-platform/commit/d9e947559077e947315bf700c5703dfc7dd8a8d7"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/xwiki/xwiki-platform"
    },
    {
      "type": "WEB",
      "url": "https://jira.xwiki.org/browse/XWIKI-16285"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "org.xwiki.platform:xwiki-platform-oldcore vulnerable to data leak through deleted documents "
}

GHSA-4F93-XJPV-HRXP

Vulnerability from github – Published: 2022-03-10 00:00 – Updated: 2022-03-17 00:02
VLAI
Details

Skype Extension for Chrome Information Disclosure Vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-24522"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-09T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "Skype Extension for Chrome Information Disclosure Vulnerability.",
  "id": "GHSA-4f93-xjpv-hrxp",
  "modified": "2022-03-17T00:02:12Z",
  "published": "2022-03-10T00:00:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24522"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24522"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24522"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4FHM-P86V-HWPX

Vulnerability from github – Published: 2026-03-17 12:30 – Updated: 2026-06-05 14:26
VLAI
Summary
Apache Airflow: Path of session token in cookie does not consider base_url - session hijacking via co-hosted applications
Details

Apache Airflow versions 3.1.0 through 3.1.7 session token (_token) in cookies is set to path=/ regardless of the configured [webserver] base_url or [api] base_url. This allows any application co-hosted under the same domain to capture valid Airflow session tokens from HTTP request headers, allowing full session takeover without attacking Airflow itself.

Users are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "apache-airflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.1.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-28779"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-18T16:32:54Z",
    "nvd_published_at": "2026-03-17T11:16:11Z",
    "severity": "HIGH"
  },
  "details": "Apache Airflow versions 3.1.0 through 3.1.7\u00a0session token (_token) in cookies is set to path=/ regardless of the configured [webserver] base_url or [api] base_url.\nThis allows any application co-hosted under the same domain to capture valid Airflow session tokens from HTTP request headers, allowing full session takeover without attacking Airflow itself.\n\nUsers are recommended to upgrade to Apache Airflow 3.1.8 or later, which resolves this issue.",
  "id": "GHSA-4fhm-p86v-hwpx",
  "modified": "2026-06-05T14:26:13Z",
  "published": "2026-03-17T12:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28779"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/airflow/pull/62771"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/airflow"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2026-16.yaml"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/r4n5znb8mcq14wo9v8ndml36nxlksdqb"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/03/17/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Airflow: Path of session token in cookie does not consider base_url - session hijacking via co-hosted applications"
}

GHSA-4G2V-6X25-VR7P

Vulnerability from github – Published: 2022-04-10 00:00 – Updated: 2022-04-16 00:01
VLAI
Details

Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo. No authentication is required. The information disclosed is associated with software versions, process IDs, network configuration, hostname(s), system architecture, and file/directory details.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-28365"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-425",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-09T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo. No authentication is required. The information disclosed is associated with software versions, process IDs, network configuration, hostname(s), system architecture, and file/directory details.",
  "id": "GHSA-4g2v-6x25-vr7p",
  "modified": "2022-04-16T00:01:22Z",
  "published": "2022-04-10T00:00:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28365"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/fulldisclosure/2022/Apr/1"
    },
    {
      "type": "WEB",
      "url": "https://www.reprisesoftware.com/RELEASE_NOTES"
    },
    {
      "type": "WEB",
      "url": "https://www.reprisesoftware.com/products/software-license-management.php"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/166647/Reprise-License-Manager-14.2-Cross-Site-Scripting-Information-Disclosure.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4G94-RRHW-H5FW

Vulnerability from github – Published: 2023-10-12 18:30 – Updated: 2025-11-04 21:30
VLAI
Details

An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-32275"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-201",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-12T16:15:11Z",
    "severity": "MODERATE"
  },
  "details": "An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.",
  "id": "GHSA-4g94-rrhw-h5fw",
  "modified": "2025-11-04T21:30:44Z",
  "published": "2023-10-12T18:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32275"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753"
    },
    {
      "type": "WEB",
      "url": "https://www.softether.org/9-about/News/904-SEVPN202301"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1753"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4GV4-7PHC-2JW7

Vulnerability from github – Published: 2022-12-08 21:30 – Updated: 2022-12-12 15:30
VLAI
Details

Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitHub repository lirantal/daloradius prior to master branch.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-4366"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497",
      "CWE-668",
      "CWE-862"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-08T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitHub repository lirantal/daloradius prior to master branch.",
  "id": "GHSA-4gv4-7phc-2jw7",
  "modified": "2022-12-12T15:30:30Z",
  "published": "2022-12-08T21:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4366"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lirantal/daloradius/commit/3d11f375a76ddb3741200296e15f81d82dfb80ce"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/f225d69a-d971-410d-a8f9-b0026143aed8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4H69-9CG9-WQMW

Vulnerability from github – Published: 2022-07-13 00:01 – Updated: 2022-07-17 00:00
VLAI
Details

Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-33700"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-12T14:15:00Z",
    "severity": "LOW"
  },
  "details": "Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.",
  "id": "GHSA-4h69-9cg9-wqmw",
  "modified": "2022-07-17T00:00:45Z",
  "published": "2022-07-13T00:01:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33700"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4HF4-G256-GXVM

Vulnerability from github – Published: 2022-12-15 21:30 – Updated: 2025-04-21 18:32
VLAI
Details

This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. A user may be able to view sensitive user information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-42843"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-15T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. A user may be able to view sensitive user information.",
  "id": "GHSA-4hf4-g256-gxvm",
  "modified": "2025-04-21T18:32:07Z",
  "published": "2022-12-15T21:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42843"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213530"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213532"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213535"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213536"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/Dec/27"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4HQJ-2GG9-GQGP

Vulnerability from github – Published: 2021-12-09 00:00 – Updated: 2022-08-02 00:00
VLAI
Details

An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-25515"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-08T15:15:00Z",
    "severity": "LOW"
  },
  "details": "An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.",
  "id": "GHSA-4hqj-2gg9-gqgp",
  "modified": "2022-08-02T00:00:33Z",
  "published": "2021-12-09T00:00:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25515"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=12"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4HR4-W7M2-R3VR

Vulnerability from github – Published: 2023-07-11 15:31 – Updated: 2024-04-04 05:56
VLAI
Details

An issue found in Marukyu Line v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-31818"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-11T15:15:20Z",
    "severity": "HIGH"
  },
  "details": "An issue found in Marukyu Line v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function.",
  "id": "GHSA-4hr4-w7m2-r3vr",
  "modified": "2024-04-04T05:56:42Z",
  "published": "2023-07-11T15:31:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31818"
    },
    {
      "type": "WEB",
      "url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31818.md"
    },
    {
      "type": "WEB",
      "url": "http://marukyu.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.