Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1251 vulnerabilities reference this CWE, most recent first.

GHSA-C63M-82W2-W8F6

Vulnerability from github – Published: 2022-01-12 00:00 – Updated: 2024-11-14 21:31
VLAI
Details

Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-21964"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-11T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability.",
  "id": "GHSA-c63m-82w2-w8f6",
  "modified": "2024-11-14T21:31:55Z",
  "published": "2022-01-12T00:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21964"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21964"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21964"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C6R9-Q7WR-W7FV

Vulnerability from github – Published: 2023-05-03 21:30 – Updated: 2024-04-04 03:47
VLAI
Details

An issue has been discovered in GitLab affecting all versions starting from 13.11 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible that a project member demoted to a user role to read project updates by doing a diff with a pre-existing fork.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-0485"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-03T21:15:16Z",
    "severity": "MODERATE"
  },
  "details": "An issue has been discovered in GitLab affecting all versions starting from 13.11 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible that a project member demoted to a user role to read project updates by doing a diff with a pre-existing fork.",
  "id": "GHSA-c6r9-q7wr-w7fv",
  "modified": "2024-04-04T03:47:31Z",
  "published": "2023-05-03T21:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0485"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1837937"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0485.json"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/389191"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C6RP-8VM7-PM5G

Vulnerability from github – Published: 2022-05-11 00:00 – Updated: 2025-01-02 21:31
VLAI
Details

Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29122, CVE-2022-29123, CVE-2022-29134.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-29120"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-10T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29122, CVE-2022-29123, CVE-2022-29134.",
  "id": "GHSA-c6rp-8vm7-pm5g",
  "modified": "2025-01-02T21:31:34Z",
  "published": "2022-05-11T00:00:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29120"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29120"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29120"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C72P-9XMJ-RX3W

Vulnerability from github – Published: 2021-07-26 21:17 – Updated: 2024-01-31 15:31
VLAI
Summary
Archive package allows chmod of file outside of unpack target directory
Details

Impact

A bug was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process.

Patches

This bug has been fixed in containerd 1.5.4 and 1.4.8. Users should update to these versions as soon as they are released. Running containers do not need to be restarted.

Workarounds

Ensure you only pull images from trusted sources.

Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with unexpected files.

For more information

If you have any questions or comments about this advisory:

  • Open an issue
  • Email us at security@containerd.io if you think you’ve found a security bug.
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/containerd/containerd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.5.0"
            },
            {
              "fixed": "1.5.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-32760"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668",
      "CWE-732"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-07-22T20:21:14Z",
    "nvd_published_at": "2021-07-19T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "## Impact\n\nA bug was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host\u2019s filesystem.  Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky.  This bug does not directly allow files to be read, modified, or executed without an additional cooperating process.\n\n## Patches\n\nThis bug has been fixed in containerd 1.5.4 and 1.4.8.  Users should update to these versions as soon as they are released.  Running containers do not need to be restarted.\n\n## Workarounds\n\nEnsure you only pull images from trusted sources.\n\nLinux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with unexpected files.\n\n## For more information\n\nIf you have any questions or comments about this advisory:\n\n* [Open an issue](https://github.com/containerd/containerd/issues/new/choose)\n* Email us at security@containerd.io if you think you\u2019ve found a security bug.",
  "id": "GHSA-c72p-9xmj-rx3w",
  "modified": "2024-01-31T15:31:56Z",
  "published": "2021-07-26T21:17:45Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32760"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/commit/22e9a70c71eff6507be71955947a611f2ed91e6c"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/commit/7ad08c69e09ee4930a48dbf2aab3cd612458617f"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/containerd/containerd"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/releases/tag/v1.4.8"
    },
    {
      "type": "WEB",
      "url": "https://github.com/containerd/containerd/releases/tag/v1.5.4"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202401-31"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Archive package allows chmod of file outside of unpack target directory"
}

GHSA-C76P-CR59-2V5J

Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-07-13 00:01
VLAI
Details

Releases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure Vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22034"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-21T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Releases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure Vulnerability.",
  "id": "GHSA-c76p-cr59-2v5j",
  "modified": "2022-07-13T00:01:08Z",
  "published": "2022-05-24T19:18:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22034"
    },
    {
      "type": "WEB",
      "url": "https://www.vmware.com/security/advisories/VMSA-2021-0024.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C779-GMGX-23PC

Vulnerability from github – Published: 2022-01-11 00:01 – Updated: 2022-08-31 00:00
VLAI
Details

The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-23173"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-10T14:10:00Z",
    "severity": "MODERATE"
  },
  "details": "The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data.",
  "id": "GHSA-c779-gmgx-23pc",
  "modified": "2022-08-31T00:00:20Z",
  "published": "2022-01-11T00:01:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23173"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-006-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C7JV-4HGW-738V

Vulnerability from github – Published: 2022-05-24 19:13 – Updated: 2022-07-13 00:01
VLAI
Details

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4. A local user may be able to write arbitrary files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-1807"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-08T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4. A local user may be able to write arbitrary files.",
  "id": "GHSA-c7jv-4hgw-738v",
  "modified": "2022-07-13T00:01:01Z",
  "published": "2022-05-24T19:13:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1807"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212317"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212324"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C7PF-4HV4-Q9H9

Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19
VLAI
Details

An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-36192"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-03T11:15:00Z",
    "severity": "LOW"
  },
  "details": "An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS.",
  "id": "GHSA-c7pf-4hv4-q9h9",
  "modified": "2022-05-24T19:19:35Z",
  "published": "2022-05-24T19:19:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36192"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.com/advisory/FG-IR-21-103"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C7XW-W4H7-P66C

Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37
VLAI
Details

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.service.service_005ffailures_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5192.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-16601"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-23T01:29:00Z",
    "severity": "MODERATE"
  },
  "details": "This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.service.service_005ffailures_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5192.",
  "id": "GHSA-c7xw-w4h7-p66c",
  "modified": "2022-05-13T01:37:23Z",
  "published": "2022-05-13T01:37:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16601"
    },
    {
      "type": "WEB",
      "url": "https://zerodayinitiative.com/advisories/ZDI-17-966"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C86X-VFVF-3HM7

Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-10-26 12:00
VLAI
Details

Adobe Premiere Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-28623"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-379",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-28T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Adobe Premiere Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.",
  "id": "GHSA-c86x-vfvf-3hm7",
  "modified": "2022-10-26T12:00:31Z",
  "published": "2022-05-24T19:06:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28623"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/premiere_elements/apsb21-47.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.