CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1251 vulnerabilities reference this CWE, most recent first.
GHSA-94VH-MFCC-FG39
Vulnerability from github – Published: 2022-05-05 00:28 – Updated: 2024-04-03 23:57Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
{
"affected": [],
"aliases": [
"CVE-2013-4280"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-04T19:15:00Z",
"severity": "MODERATE"
},
"details": "Insecure temporary file vulnerability in RedHat vsdm 4.9.6.",
"id": "GHSA-94vh-mfcc-fg39",
"modified": "2024-04-03T23:57:04Z",
"published": "2022-05-05T00:28:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4280"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2013-4280"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280"
},
{
"type": "WEB",
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4280"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-959Q-HG7J-486G
Vulnerability from github – Published: 2022-05-24 19:21 – Updated: 2022-05-24 19:21BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.
{
"affected": [],
"aliases": [
"CVE-2021-42254"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-19T19:15:00Z",
"severity": "HIGH"
},
"details": "BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.",
"id": "GHSA-959q-hg7j-486g",
"modified": "2022-05-24T19:21:06Z",
"published": "2022-05-24T19:21:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42254"
},
{
"type": "WEB",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0008/MNDT-2021-0008.md"
},
{
"type": "WEB",
"url": "https://www.beyondtrust.com/blog"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-95F3-JW2H-5348
Vulnerability from github – Published: 2022-05-13 01:03 – Updated: 2022-05-13 01:03YzmCMS 3.6 allows remote attackers to discover the full path via a direct request to application/install/templates/s1.php.
{
"affected": [],
"aliases": [
"CVE-2018-7479"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-26T03:29:00Z",
"severity": "MODERATE"
},
"details": "YzmCMS 3.6 allows remote attackers to discover the full path via a direct request to application/install/templates/s1.php.",
"id": "GHSA-95f3-jw2h-5348",
"modified": "2022-05-13T01:03:58Z",
"published": "2022-05-13T01:03:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7479"
},
{
"type": "WEB",
"url": "https://github.com/kongxin520/YzmCMS/blob/master/YzmCMS_3.6_bug.md"
},
{
"type": "WEB",
"url": "https://kongxin.gitbook.io/yzmcms-3-6-bug"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-95V8-43QV-GR4X
Vulnerability from github – Published: 2023-03-02 18:30 – Updated: 2023-03-10 21:30Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.
{
"affected": [],
"aliases": [
"CVE-2023-25536"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-02T16:15:00Z",
"severity": "MODERATE"
},
"details": "Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.",
"id": "GHSA-95v8-43qv-gr4x",
"modified": "2023-03-10T21:30:23Z",
"published": "2023-03-02T18:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25536"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-security-updates-for-multiple-security"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9623-MJ7J-P9V4
Vulnerability from github – Published: 2025-06-23 18:53 – Updated: 2025-12-22 18:38Impact
Vert.x 4.5.12 has changed the semantics of the duplication of duplicated context.
Duplicated context is an object used to propagate data through a processing (synchronous or asynchronous). Each "transaction" or "processing" runs on its own isolated duplicated context.
Initially, duplicating a duplicated context was creating a fresh (empty) new context, meaning that the new duplicated context can be used to managed a separated transaction.
In Vert.x 4.5.12, this semantics has changed, and since the content of the parent duplicated context is copied into the new one, potentially leaking data.
This CVE is especially for Quarkus as Quarkus extensively uses the Vert.x duplicated context to implement context propagation. With the new semantic data from one transaction can leak to the data from another transaction. From a Vert.x point of view, this new semantic clarifies the behavior.
A significant amount of data is stored in the duplicated context, including request scope, security details, and metadata. Duplicating a duplicated context is rather rare and is only done in a few places:
- Quarkus REST Client when using OTel (but it's the same transaction, so no leak)
- Quarkus Messaging connectors
- Quarkus SmallRye Health (same transaction, so no leak)
Patches
After discussion with the Vert.x team, the change will be rolled back in Vert.x 4.x. A new API will be added to Vert.x 5 do distinguish the 2 cases.
Workarounds
When duplicating a duplicated context, the following code can be done to avoid the potential leak:
((ContextInternal) VertxContext.getRootContext(ctx)).duplicate()
This workaround would not be required once the Vert.x version containing the fix will be included. Note that the workaround would still work.
References
This issue have been reported in https://github.com/quarkusio/quarkus/issues/48227.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.15.5"
},
"package": {
"ecosystem": "Maven",
"name": "io.quarkus:quarkus-vertx"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.20.1"
},
"package": {
"ecosystem": "Maven",
"name": "io.quarkus:quarkus-vertx"
},
"ranges": [
{
"events": [
{
"introduced": "3.16.0.CR1"
},
{
"fixed": "3.20.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.24.0"
},
"package": {
"ecosystem": "Maven",
"name": "io.quarkus:quarkus-vertx"
},
"ranges": [
{
"events": [
{
"introduced": "3.21.0.CR1"
},
{
"fixed": "3.24.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-49574"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2025-06-23T18:53:22Z",
"nvd_published_at": "2025-06-23T20:15:28Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nVert.x 4.5.12 has changed the semantics of the duplication of duplicated context.\n\nDuplicated context is an object used to propagate data through a processing (synchronous or asynchronous). Each \"transaction\" or \"processing\" runs on its own isolated duplicated context.\n\nInitially, duplicating a duplicated context was creating a fresh (empty) new context, meaning that the new duplicated context can be used to managed a separated transaction.\n\nIn Vert.x 4.5.12, this semantics has changed, and since the content of the parent duplicated context is copied into the new one, potentially leaking data. \n\nThis CVE is especially for Quarkus as Quarkus extensively uses the Vert.x duplicated context to implement context propagation. With the new semantic data from one transaction can leak to the data from another transaction. From a Vert.x point of view, this new semantic clarifies the behavior. \n\nA significant amount of data is stored in the duplicated context, including request scope, security details, and metadata. Duplicating a duplicated context is rather rare and is only done in a few places:\n\n- Quarkus REST Client when using OTel (but it\u0027s the same transaction, so no leak)\n- Quarkus Messaging connectors\n- Quarkus SmallRye Health (same transaction, so no leak)\n\n\n\n### Patches\n\nAfter discussion with the Vert.x team, the change will be rolled back in Vert.x 4.x. A new API will be added to Vert.x 5 do distinguish the 2 cases.\n\n### Workarounds\n\nWhen duplicating a duplicated context, the following code can be done to avoid the potential leak:\n\n```java\n((ContextInternal) VertxContext.getRootContext(ctx)).duplicate()\n```\n\nThis workaround would not be required once the Vert.x version containing the fix will be included. Note that the workaround would still work. \n\n\n### References\n\nThis issue have been reported in https://github.com/quarkusio/quarkus/issues/48227.",
"id": "GHSA-9623-mj7j-p9v4",
"modified": "2025-12-22T18:38:56Z",
"published": "2025-06-23T18:53:22Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-9623-mj7j-p9v4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49574"
},
{
"type": "WEB",
"url": "https://github.com/quarkusio/quarkus/issues/48227"
},
{
"type": "WEB",
"url": "https://github.com/quarkusio/quarkus/pull/48486"
},
{
"type": "WEB",
"url": "https://github.com/quarkusio/quarkus/commit/2b58f59f4bf0bae7d35b1abb585b65f2a66787d1"
},
{
"type": "WEB",
"url": "https://github.com/quarkusio/quarkus/commit/31e8a3bfcf4e223788615d5ce25eb929ca251275"
},
{
"type": "WEB",
"url": "https://github.com/quarkusio/quarkus/commit/d1ee57e7b826872b6355cfec0ae13465840e232c"
},
{
"type": "PACKAGE",
"url": "https://github.com/quarkusio/quarkus"
},
{
"type": "WEB",
"url": "https://github.com/quarkusio/quarkus/releases/tag/3.24.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Quarkus potentially leaks data when duplicating a duplicated context"
}
GHSA-9636-925V-53QR
Vulnerability from github – Published: 2022-05-24 17:34 – Updated: 2022-05-24 17:34Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
{
"affected": [],
"aliases": [
"CVE-2020-8698"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-11-12T18:15:00Z",
"severity": "MODERATE"
},
"details": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"id": "GHSA-9636-925v-53qr",
"modified": "2022-05-24T17:34:10Z",
"published": "2022-05-24T17:34:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20201113-0006"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-9642-Q8FH-RW5M
Vulnerability from github – Published: 2022-04-12 00:00 – Updated: 2022-04-19 00:01Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission.
{
"affected": [],
"aliases": [
"CVE-2022-27575"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668",
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-11T20:15:00Z",
"severity": "MODERATE"
},
"details": "Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission.",
"id": "GHSA-9642-q8fh-rw5m",
"modified": "2022-04-19T00:01:14Z",
"published": "2022-04-12T00:00:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27575"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-96VH-4RFP-C42C
Vulnerability from github – Published: 2022-11-29 18:30 – Updated: 2022-12-02 22:21The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.github.samtools:htsjdk"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-21126"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2022-12-02T22:21:13Z",
"nvd_published_at": "2022-11-29T17:15:00Z",
"severity": "HIGH"
},
"details": "The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.",
"id": "GHSA-96vh-4rfp-c42c",
"modified": "2022-12-02T22:21:13Z",
"published": "2022-11-29T18:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21126"
},
{
"type": "WEB",
"url": "https://github.com/samtools/htsjdk/pull/1617"
},
{
"type": "WEB",
"url": "https://github.com/samtools/htsjdk/commit/4a4024a97ee3e87096df6ad9b22c8260bd527772"
},
{
"type": "PACKAGE",
"url": "https://github.com/samtools/htsjdk"
},
{
"type": "WEB",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-COMGITHUBSAMTOOLS-3149901"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "HTSJDK is vulnerable to exposure of resource(s) to the wrong sphere"
}
GHSA-979M-8JPH-QFMV
Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.tools.snmpwalk.snmpwalk_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the ip parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5138.
{
"affected": [],
"aliases": [
"CVE-2017-16598"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-01-23T01:29:00Z",
"severity": "HIGH"
},
"details": "This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.tools.snmpwalk.snmpwalk_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the ip parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5138.",
"id": "GHSA-979m-8jph-qfmv",
"modified": "2022-05-13T01:37:23Z",
"published": "2022-05-13T01:37:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16598"
},
{
"type": "WEB",
"url": "https://zerodayinitiative.com/advisories/ZDI-17-963"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-97QP-7H55-JXGR
Vulnerability from github – Published: 2023-11-20 18:30 – Updated: 2023-11-20 18:30PowerShell Information Disclosure Vulnerability
{
"affected": [],
"aliases": [
"CVE-2023-36013"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-20T16:15:08Z",
"severity": "MODERATE"
},
"details": "PowerShell Information Disclosure Vulnerability",
"id": "GHSA-97qp-7h55-jxgr",
"modified": "2023-11-20T18:30:46Z",
"published": "2023-11-20T18:30:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36013"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36013"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.