Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1248 vulnerabilities reference this CWE, most recent first.

GHSA-6C8F-QPHG-QJGP

Vulnerability from github – Published: 2020-03-31 15:59 – Updated: 2021-08-23 15:03
VLAI
Summary
Validation Bypass in kind-of
Details

Versions of kind-of 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check, allowing attackers to bypass the type checking validation.

Recommendation

Upgrade to versions 6.0.3 or later.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "kind-of"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-20149"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-03-31T15:59:30Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "Versions of `kind-of` 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check, allowing attackers to bypass the type checking validation. \n\n\n## Recommendation\n\nUpgrade to versions 6.0.3 or later.",
  "id": "GHSA-6c8f-qphg-qjgp",
  "modified": "2021-08-23T15:03:55Z",
  "published": "2020-03-31T15:59:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20149"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jonschlinkert/kind-of/issues/30"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jonschlinkert/kind-of/pull/31"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jonschlinkert/kind-of/commit/1df992ce6d5a1292048e5fe9c52c5382f941ee0b"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-KINDOF-537849"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/1490"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Validation Bypass in kind-of"
}

GHSA-6CFF-MJ8V-FVR9

Vulnerability from github – Published: 2022-05-13 01:04 – Updated: 2022-05-13 01:04
VLAI
Details

Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-20237"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-02-13T18:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.",
  "id": "GHSA-6cff-mj8v-fvr9",
  "modified": "2022-05-13T01:04:38Z",
  "published": "2022-05-13T01:04:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20237"
    },
    {
      "type": "WEB",
      "url": "https://jira.atlassian.com/browse/CONFSERVER-57814"
    },
    {
      "type": "WEB",
      "url": "https://www.excellium-services.com/cert-xlm-advisory/cve-2018-20237"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/107041"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6CPV-GPJR-7H64

Vulnerability from github – Published: 2022-05-24 19:14 – Updated: 2022-05-24 19:14
VLAI
Details

Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version <3.0.210809

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-14130"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-16T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version \u003c3.0.210809",
  "id": "GHSA-6cpv-gpjr-7h64",
  "modified": "2022-05-24T19:14:52Z",
  "published": "2022-05-24T19:14:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14130"
    },
    {
      "type": "WEB",
      "url": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=25\u0026locale=zh"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-6CWH-R74G-R47Q

Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2022-05-13 01:43
VLAI
Details

Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-15393"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-07T23:29:00Z",
    "severity": "HIGH"
  },
  "details": "Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.",
  "id": "GHSA-6cwh-r74g-r47q",
  "modified": "2022-05-13T01:43:45Z",
  "published": "2022-05-13T01:43:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15393"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:2997"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/732751"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201710-24"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2017/dsa-4020"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/101482"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6F7X-QJ2V-8RH2

Vulnerability from github – Published: 2023-10-16 00:30 – Updated: 2024-04-04 08:38
VLAI
Details

IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-35013"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-540",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-16T00:15:10Z",
    "severity": "MODERATE"
  },
  "details": "IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code.  IBM X-Force ID:  257769.",
  "id": "GHSA-6f7x-qj2v-8rh2",
  "modified": "2024-04-04T08:38:55Z",
  "published": "2023-10-16T00:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35013"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257769"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7050358"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6FRX-XQ63-R4JC

Vulnerability from github – Published: 2022-06-15 00:00 – Updated: 2022-06-24 00:00
VLAI
Details

RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-30346"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-14T10:15:00Z",
    "severity": "MODERATE"
  },
  "details": "RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
  "id": "GHSA-6frx-xq63-r4jc",
  "modified": "2022-06-24T00:00:34Z",
  "published": "2022-06-15T00:00:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30346"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6FVF-FHP3-G8CX

Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-05-24 19:17
VLAI
Details

SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-40497"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-12T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version.",
  "id": "GHSA-6fvf-fhp3-g8cx",
  "modified": "2022-05-24T19:17:18Z",
  "published": "2022-05-24T19:17:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40497"
    },
    {
      "type": "WEB",
      "url": "https://launchpad.support.sap.com/#/notes/3098917"
    },
    {
      "type": "WEB",
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-6FW5-96CF-75P5

Vulnerability from github – Published: 2021-12-23 00:01 – Updated: 2022-04-20 00:02
VLAI
Details

A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted series of HTTP requests can lead to local file inclusion. An attacker can make a series of authenticated HTTP requests to trigger this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-21878"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-22T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted series of HTTP requests can lead to local file inclusion. An attacker can make a series of authenticated HTTP requests to trigger this vulnerability.",
  "id": "GHSA-6fw5-96cf-75p5",
  "modified": "2022-04-20T00:02:02Z",
  "published": "2021-12-23T00:01:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21878"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1322"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6FWC-R3W5-C64X

Vulnerability from github – Published: 2022-04-06 00:01 – Updated: 2022-04-13 00:00
VLAI
Details

Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-0461"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-05T01:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page.",
  "id": "GHSA-6fwc-r3w5-c64x",
  "modified": "2022-04-13T00:00:46Z",
  "published": "2022-04-06T00:01:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0461"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1256823"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6G2Q-W5J3-FWH4

Vulnerability from github – Published: 2024-01-31 23:22 – Updated: 2024-01-31 23:22
VLAI
Summary
containerd environment variable leak
Details

Impact

Containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers. If the affected containers have different security contexts, this may allow sensitive information to be unintentionally shared.

If you are not using containerd’s CRI implementation (through one of the mechanisms described above), you are not vulnerable to this issue.

If you are not launching multiple containers or Kubernetes pods from the same image which have different environment variables, you are not vulnerable to this issue.

If you are not launching multiple containers or Kubernetes pods from the same image in rapid succession, you have reduced likelihood of being vulnerable to this issue

Patches

This vulnerability has been fixed in containerd 1.3.10 and containerd 1.4.4. Users should update to these versions as soon as they are released.

Workarounds

There are no known workarounds.

For more information

If you have any questions or comments about this advisory:

  • Open an issue
  • Email us at security@containerd.io if you think you’ve found a security bug.
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.4.0"
            },
            {
              "fixed": "1.4.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-21334"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-01-31T23:22:45Z",
    "nvd_published_at": "2021-03-10T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "## Impact\n\nContainers launched through containerd\u0027s CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers.  If the affected containers have different security contexts, this may allow sensitive information to be unintentionally shared.\n\nIf you are not using containerd\u2019s CRI implementation (through one of the mechanisms described above), you are not vulnerable to this issue.\n\nIf you are not launching multiple containers or Kubernetes pods from the same image which have different environment variables, you are not vulnerable to this issue.\n\nIf you are not launching multiple containers or Kubernetes pods from the same image in rapid succession, you have reduced likelihood of being vulnerable to this issue\n\n## Patches\n\nThis vulnerability has been fixed in containerd 1.3.10 and containerd 1.4.4.  Users should update to these versions as soon as they are released.\n\n## Workarounds\n\nThere are no known workarounds.\n\n## For more information\n\nIf you have any questions or comments about this advisory:\n\n* [Open an issue](https://github.com/containerd/containerd/issues/new/choose)\n* Email us at security@containerd.io if you think you\u2019ve found a security bug.",
  "id": "GHSA-6g2q-w5j3-fwh4",
  "modified": "2024-01-31T23:22:45Z",
  "published": "2024-01-31T23:22:45Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/security/advisories/GHSA-6g2q-w5j3-fwh4"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21334"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/cri/pull/1628"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/cri/pull/1629"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/commit/05f951a3781f4f2c1911b05e61c160e9c30eaa8e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/commit/2d9c8aa4b3f4313982c5c999af57212a1c5d144b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/commit/cbcb2f57fbe221986f96b552855eb802f63193de"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/releases/tag/v1.3.10"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/releases/tag/v1.4.4"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUE2Z2ZUWBHRU36ZGBD2YSJCYB6ELPXE"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIBPKSX5IOWPM3ZPFB3JVLXWDHSZTTWT"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VTXHA5JOWQRCCUZH7ZQBEYN6KZKJEYSD"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202105-33"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "containerd environment variable leak"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.