CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1248 vulnerabilities reference this CWE, most recent first.
GHSA-6C8F-QPHG-QJGP
Vulnerability from github – Published: 2020-03-31 15:59 – Updated: 2021-08-23 15:03Versions of kind-of 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check, allowing attackers to bypass the type checking validation.
Recommendation
Upgrade to versions 6.0.3 or later.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "kind-of"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.0.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-20149"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2020-03-31T15:59:30Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "Versions of `kind-of` 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check, allowing attackers to bypass the type checking validation. \n\n\n## Recommendation\n\nUpgrade to versions 6.0.3 or later.",
"id": "GHSA-6c8f-qphg-qjgp",
"modified": "2021-08-23T15:03:55Z",
"published": "2020-03-31T15:59:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20149"
},
{
"type": "WEB",
"url": "https://github.com/jonschlinkert/kind-of/issues/30"
},
{
"type": "WEB",
"url": "https://github.com/jonschlinkert/kind-of/pull/31"
},
{
"type": "WEB",
"url": "https://github.com/jonschlinkert/kind-of/commit/1df992ce6d5a1292048e5fe9c52c5382f941ee0b"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JS-KINDOF-537849"
},
{
"type": "WEB",
"url": "https://www.npmjs.com/advisories/1490"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Validation Bypass in kind-of"
}
GHSA-6CFF-MJ8V-FVR9
Vulnerability from github – Published: 2022-05-13 01:04 – Updated: 2022-05-13 01:04Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.
{
"affected": [],
"aliases": [
"CVE-2018-20237"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-02-13T18:29:00Z",
"severity": "MODERATE"
},
"details": "Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.",
"id": "GHSA-6cff-mj8v-fvr9",
"modified": "2022-05-13T01:04:38Z",
"published": "2022-05-13T01:04:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20237"
},
{
"type": "WEB",
"url": "https://jira.atlassian.com/browse/CONFSERVER-57814"
},
{
"type": "WEB",
"url": "https://www.excellium-services.com/cert-xlm-advisory/cve-2018-20237"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/107041"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6CPV-GPJR-7H64
Vulnerability from github – Published: 2022-05-24 19:14 – Updated: 2022-05-24 19:14Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version <3.0.210809
{
"affected": [],
"aliases": [
"CVE-2020-14130"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-16T12:15:00Z",
"severity": "MODERATE"
},
"details": "Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version \u003c3.0.210809",
"id": "GHSA-6cpv-gpjr-7h64",
"modified": "2022-05-24T19:14:52Z",
"published": "2022-05-24T19:14:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14130"
},
{
"type": "WEB",
"url": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=25\u0026locale=zh"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-6CWH-R74G-R47Q
Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2022-05-13 01:43Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.
{
"affected": [],
"aliases": [
"CVE-2017-15393"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-07T23:29:00Z",
"severity": "HIGH"
},
"details": "Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.",
"id": "GHSA-6cwh-r74g-r47q",
"modified": "2022-05-13T01:43:45Z",
"published": "2022-05-13T01:43:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15393"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2997"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/732751"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201710-24"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2017/dsa-4020"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101482"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6F7X-QJ2V-8RH2
Vulnerability from github – Published: 2023-10-16 00:30 – Updated: 2024-04-04 08:38IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769.
{
"affected": [],
"aliases": [
"CVE-2023-35013"
],
"database_specific": {
"cwe_ids": [
"CWE-540",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-16T00:15:10Z",
"severity": "MODERATE"
},
"details": "IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769.",
"id": "GHSA-6f7x-qj2v-8rh2",
"modified": "2024-04-04T08:38:55Z",
"published": "2023-10-16T00:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35013"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257769"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7050358"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6FRX-XQ63-R4JC
Vulnerability from github – Published: 2022-06-15 00:00 – Updated: 2022-06-24 00:00RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
{
"affected": [],
"aliases": [
"CVE-2021-30346"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-14T10:15:00Z",
"severity": "MODERATE"
},
"details": "RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
"id": "GHSA-6frx-xq63-r4jc",
"modified": "2022-06-24T00:00:34Z",
"published": "2022-06-15T00:00:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30346"
},
{
"type": "WEB",
"url": "https://www.qualcomm.com/company/product-security/bulletins/april-2022-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6FVF-FHP3-G8CX
Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-05-24 19:17SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version.
{
"affected": [],
"aliases": [
"CVE-2021-40497"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-12T15:15:00Z",
"severity": "MODERATE"
},
"details": "SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its version.",
"id": "GHSA-6fvf-fhp3-g8cx",
"modified": "2022-05-24T19:17:18Z",
"published": "2022-05-24T19:17:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40497"
},
{
"type": "WEB",
"url": "https://launchpad.support.sap.com/#/notes/3098917"
},
{
"type": "WEB",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-6FW5-96CF-75P5
Vulnerability from github – Published: 2021-12-23 00:01 – Updated: 2022-04-20 00:02A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted series of HTTP requests can lead to local file inclusion. An attacker can make a series of authenticated HTTP requests to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2021-21878"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-22T19:15:00Z",
"severity": "MODERATE"
},
"details": "A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted series of HTTP requests can lead to local file inclusion. An attacker can make a series of authenticated HTTP requests to trigger this vulnerability.",
"id": "GHSA-6fw5-96cf-75p5",
"modified": "2022-04-20T00:02:02Z",
"published": "2021-12-23T00:01:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21878"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1322"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6FWC-R3W5-C64X
Vulnerability from github – Published: 2022-04-06 00:01 – Updated: 2022-04-13 00:00Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2022-0461"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-05T01:15:00Z",
"severity": "MODERATE"
},
"details": "Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page.",
"id": "GHSA-6fwc-r3w5-c64x",
"modified": "2022-04-13T00:00:46Z",
"published": "2022-04-06T00:01:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0461"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1256823"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6G2Q-W5J3-FWH4
Vulnerability from github – Published: 2024-01-31 23:22 – Updated: 2024-01-31 23:22Impact
Containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers. If the affected containers have different security contexts, this may allow sensitive information to be unintentionally shared.
If you are not using containerd’s CRI implementation (through one of the mechanisms described above), you are not vulnerable to this issue.
If you are not launching multiple containers or Kubernetes pods from the same image which have different environment variables, you are not vulnerable to this issue.
If you are not launching multiple containers or Kubernetes pods from the same image in rapid succession, you have reduced likelihood of being vulnerable to this issue
Patches
This vulnerability has been fixed in containerd 1.3.10 and containerd 1.4.4. Users should update to these versions as soon as they are released.
Workarounds
There are no known workarounds.
For more information
If you have any questions or comments about this advisory:
- Open an issue
- Email us at security@containerd.io if you think you’ve found a security bug.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/containerd/containerd"
},
"ranges": [
{
"events": [
{
"introduced": "1.4.0"
},
{
"fixed": "1.4.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/containerd/containerd"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-21334"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2024-01-31T23:22:45Z",
"nvd_published_at": "2021-03-10T22:15:00Z",
"severity": "MODERATE"
},
"details": "## Impact\n\nContainers launched through containerd\u0027s CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers. If the affected containers have different security contexts, this may allow sensitive information to be unintentionally shared.\n\nIf you are not using containerd\u2019s CRI implementation (through one of the mechanisms described above), you are not vulnerable to this issue.\n\nIf you are not launching multiple containers or Kubernetes pods from the same image which have different environment variables, you are not vulnerable to this issue.\n\nIf you are not launching multiple containers or Kubernetes pods from the same image in rapid succession, you have reduced likelihood of being vulnerable to this issue\n\n## Patches\n\nThis vulnerability has been fixed in containerd 1.3.10 and containerd 1.4.4. Users should update to these versions as soon as they are released.\n\n## Workarounds\n\nThere are no known workarounds.\n\n## For more information\n\nIf you have any questions or comments about this advisory:\n\n* [Open an issue](https://github.com/containerd/containerd/issues/new/choose)\n* Email us at security@containerd.io if you think you\u2019ve found a security bug.",
"id": "GHSA-6g2q-w5j3-fwh4",
"modified": "2024-01-31T23:22:45Z",
"published": "2024-01-31T23:22:45Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-6g2q-w5j3-fwh4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21334"
},
{
"type": "WEB",
"url": "https://github.com/containerd/cri/pull/1628"
},
{
"type": "WEB",
"url": "https://github.com/containerd/cri/pull/1629"
},
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/commit/05f951a3781f4f2c1911b05e61c160e9c30eaa8e"
},
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/commit/2d9c8aa4b3f4313982c5c999af57212a1c5d144b"
},
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/commit/cbcb2f57fbe221986f96b552855eb802f63193de"
},
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/releases/tag/v1.3.10"
},
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/releases/tag/v1.4.4"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUE2Z2ZUWBHRU36ZGBD2YSJCYB6ELPXE"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIBPKSX5IOWPM3ZPFB3JVLXWDHSZTTWT"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VTXHA5JOWQRCCUZH7ZQBEYN6KZKJEYSD"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202105-33"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "containerd environment variable leak"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.