Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1251 vulnerabilities reference this CWE, most recent first.

GHSA-94VH-MFCC-FG39

Vulnerability from github – Published: 2022-05-05 00:28 – Updated: 2024-04-03 23:57
VLAI
Details

Insecure temporary file vulnerability in RedHat vsdm 4.9.6.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2013-4280"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-11-04T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Insecure temporary file vulnerability in RedHat vsdm 4.9.6.",
  "id": "GHSA-94vh-mfcc-fg39",
  "modified": "2024-04-03T23:57:04Z",
  "published": "2022-05-05T00:28:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4280"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/cve-2013-4280"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4280"
    },
    {
      "type": "WEB",
      "url": "https://security-tracker.debian.org/tracker/CVE-2013-4280"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-959Q-HG7J-486G

Vulnerability from github – Published: 2022-05-24 19:21 – Updated: 2022-05-24 19:21
VLAI
Details

BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-42254"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-19T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.",
  "id": "GHSA-959q-hg7j-486g",
  "modified": "2022-05-24T19:21:06Z",
  "published": "2022-05-24T19:21:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42254"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0008/MNDT-2021-0008.md"
    },
    {
      "type": "WEB",
      "url": "https://www.beyondtrust.com/blog"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-95F3-JW2H-5348

Vulnerability from github – Published: 2022-05-13 01:03 – Updated: 2022-05-13 01:03
VLAI
Details

YzmCMS 3.6 allows remote attackers to discover the full path via a direct request to application/install/templates/s1.php.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-7479"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-26T03:29:00Z",
    "severity": "MODERATE"
  },
  "details": "YzmCMS 3.6 allows remote attackers to discover the full path via a direct request to application/install/templates/s1.php.",
  "id": "GHSA-95f3-jw2h-5348",
  "modified": "2022-05-13T01:03:58Z",
  "published": "2022-05-13T01:03:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7479"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kongxin520/YzmCMS/blob/master/YzmCMS_3.6_bug.md"
    },
    {
      "type": "WEB",
      "url": "https://kongxin.gitbook.io/yzmcms-3-6-bug"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-95V8-43QV-GR4X

Vulnerability from github – Published: 2023-03-02 18:30 – Updated: 2023-03-10 21:30
VLAI
Details

Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-25536"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-02T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. A malicious authenticated local user could potentially exploit this vulnerability in certificate management, leading to a potential system takeover.",
  "id": "GHSA-95v8-43qv-gr4x",
  "modified": "2023-03-10T21:30:23Z",
  "published": "2023-03-02T18:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25536"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-security-updates-for-multiple-security"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9623-MJ7J-P9V4

Vulnerability from github – Published: 2025-06-23 18:53 – Updated: 2025-12-22 18:38
VLAI
Summary
Quarkus potentially leaks data when duplicating a duplicated context
Details

Impact

Vert.x 4.5.12 has changed the semantics of the duplication of duplicated context.

Duplicated context is an object used to propagate data through a processing (synchronous or asynchronous). Each "transaction" or "processing" runs on its own isolated duplicated context.

Initially, duplicating a duplicated context was creating a fresh (empty) new context, meaning that the new duplicated context can be used to managed a separated transaction.

In Vert.x 4.5.12, this semantics has changed, and since the content of the parent duplicated context is copied into the new one, potentially leaking data.

This CVE is especially for Quarkus as Quarkus extensively uses the Vert.x duplicated context to implement context propagation. With the new semantic data from one transaction can leak to the data from another transaction. From a Vert.x point of view, this new semantic clarifies the behavior.

A significant amount of data is stored in the duplicated context, including request scope, security details, and metadata. Duplicating a duplicated context is rather rare and is only done in a few places:

  • Quarkus REST Client when using OTel (but it's the same transaction, so no leak)
  • Quarkus Messaging connectors
  • Quarkus SmallRye Health (same transaction, so no leak)

Patches

After discussion with the Vert.x team, the change will be rolled back in Vert.x 4.x. A new API will be added to Vert.x 5 do distinguish the 2 cases.

Workarounds

When duplicating a duplicated context, the following code can be done to avoid the potential leak:

((ContextInternal) VertxContext.getRootContext(ctx)).duplicate()

This workaround would not be required once the Vert.x version containing the fix will be included. Note that the workaround would still work.

References

This issue have been reported in https://github.com/quarkusio/quarkus/issues/48227.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.15.5"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "io.quarkus:quarkus-vertx"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.15.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.20.1"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "io.quarkus:quarkus-vertx"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.16.0.CR1"
            },
            {
              "fixed": "3.20.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.24.0"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "io.quarkus:quarkus-vertx"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.21.0.CR1"
            },
            {
              "fixed": "3.24.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-49574"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-06-23T18:53:22Z",
    "nvd_published_at": "2025-06-23T20:15:28Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nVert.x 4.5.12 has changed the semantics of the duplication of duplicated context.\n\nDuplicated context is an object used to propagate data through a processing (synchronous or asynchronous). Each \"transaction\" or \"processing\" runs on its own isolated duplicated context.\n\nInitially, duplicating a duplicated context was creating a fresh (empty) new context, meaning that the new duplicated context can be used to managed a separated transaction.\n\nIn Vert.x 4.5.12, this semantics has changed, and since the content of the parent duplicated context is copied into the new one, potentially leaking data. \n\nThis CVE is especially for Quarkus as Quarkus extensively uses the Vert.x duplicated context to implement context propagation. With the new semantic data from one transaction can leak to the data from another transaction. From a Vert.x point of view, this new semantic clarifies the behavior. \n\nA significant amount of data is stored in the duplicated context, including request scope, security details, and metadata. Duplicating a duplicated context is rather rare and is only done in a few places:\n\n- Quarkus REST Client when using OTel (but it\u0027s the same transaction, so no leak)\n- Quarkus Messaging connectors\n- Quarkus SmallRye Health (same transaction, so no leak)\n\n\n\n### Patches\n\nAfter discussion with the Vert.x team, the change will be rolled back in Vert.x 4.x. A new API will be added to Vert.x 5 do distinguish the 2 cases.\n\n### Workarounds\n\nWhen duplicating a duplicated context, the following code can be done to avoid the potential leak:\n\n```java\n((ContextInternal) VertxContext.getRootContext(ctx)).duplicate()\n```\n\nThis workaround would not be required once the Vert.x version containing the fix will be included. Note that the workaround would still work. \n\n\n### References\n\nThis issue have been reported in https://github.com/quarkusio/quarkus/issues/48227.",
  "id": "GHSA-9623-mj7j-p9v4",
  "modified": "2025-12-22T18:38:56Z",
  "published": "2025-06-23T18:53:22Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-9623-mj7j-p9v4"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49574"
    },
    {
      "type": "WEB",
      "url": "https://github.com/quarkusio/quarkus/issues/48227"
    },
    {
      "type": "WEB",
      "url": "https://github.com/quarkusio/quarkus/pull/48486"
    },
    {
      "type": "WEB",
      "url": "https://github.com/quarkusio/quarkus/commit/2b58f59f4bf0bae7d35b1abb585b65f2a66787d1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/quarkusio/quarkus/commit/31e8a3bfcf4e223788615d5ce25eb929ca251275"
    },
    {
      "type": "WEB",
      "url": "https://github.com/quarkusio/quarkus/commit/d1ee57e7b826872b6355cfec0ae13465840e232c"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/quarkusio/quarkus"
    },
    {
      "type": "WEB",
      "url": "https://github.com/quarkusio/quarkus/releases/tag/3.24.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Quarkus potentially leaks data when duplicating a duplicated context"
}

GHSA-9636-925V-53QR

Vulnerability from github – Published: 2022-05-24 17:34 – Updated: 2022-05-24 17:34
VLAI
Details

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-8698"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-12T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
  "id": "GHSA-9636-925v-53qr",
  "modified": "2022-05-24T17:34:10Z",
  "published": "2022-05-24T17:34:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20201113-0006"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9642-Q8FH-RW5M

Vulnerability from github – Published: 2022-04-12 00:00 – Updated: 2022-04-19 00:01
VLAI
Details

Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-27575"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668",
      "CWE-863"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-11T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission.",
  "id": "GHSA-9642-q8fh-rw5m",
  "modified": "2022-04-19T00:01:14Z",
  "published": "2022-04-12T00:00:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27575"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-96VH-4RFP-C42C

Vulnerability from github – Published: 2022-11-29 18:30 – Updated: 2022-12-02 22:21
VLAI
Summary
HTSJDK is vulnerable to exposure of resource(s) to the wrong sphere
Details

The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.github.samtools:htsjdk"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-21126"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-02T22:21:13Z",
    "nvd_published_at": "2022-11-29T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.",
  "id": "GHSA-96vh-4rfp-c42c",
  "modified": "2022-12-02T22:21:13Z",
  "published": "2022-11-29T18:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21126"
    },
    {
      "type": "WEB",
      "url": "https://github.com/samtools/htsjdk/pull/1617"
    },
    {
      "type": "WEB",
      "url": "https://github.com/samtools/htsjdk/commit/4a4024a97ee3e87096df6ad9b22c8260bd527772"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/samtools/htsjdk"
    },
    {
      "type": "WEB",
      "url": "https://security.snyk.io/vuln/SNYK-JAVA-COMGITHUBSAMTOOLS-3149901"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "HTSJDK is vulnerable to exposure of resource(s) to the wrong sphere"
}

GHSA-979M-8JPH-QFMV

Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37
VLAI
Details

This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.tools.snmpwalk.snmpwalk_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the ip parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5138.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-16598"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-23T01:29:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.tools.snmpwalk.snmpwalk_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the ip parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5138.",
  "id": "GHSA-979m-8jph-qfmv",
  "modified": "2022-05-13T01:37:23Z",
  "published": "2022-05-13T01:37:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16598"
    },
    {
      "type": "WEB",
      "url": "https://zerodayinitiative.com/advisories/ZDI-17-963"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-97QP-7H55-JXGR

Vulnerability from github – Published: 2023-11-20 18:30 – Updated: 2023-11-20 18:30
VLAI
Details

PowerShell Information Disclosure Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-36013"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-20T16:15:08Z",
    "severity": "MODERATE"
  },
  "details": "PowerShell Information Disclosure Vulnerability",
  "id": "GHSA-97qp-7h55-jxgr",
  "modified": "2023-11-20T18:30:46Z",
  "published": "2023-11-20T18:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36013"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36013"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.