CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1251 vulnerabilities reference this CWE, most recent first.
GHSA-C63M-82W2-W8F6
Vulnerability from github – Published: 2022-01-12 00:00 – Updated: 2024-11-14 21:31Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-21964"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-11T21:15:00Z",
"severity": "MODERATE"
},
"details": "Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability.",
"id": "GHSA-c63m-82w2-w8f6",
"modified": "2024-11-14T21:31:55Z",
"published": "2022-01-12T00:00:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21964"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21964"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21964"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C6R9-Q7WR-W7FV
Vulnerability from github – Published: 2023-05-03 21:30 – Updated: 2024-04-04 03:47An issue has been discovered in GitLab affecting all versions starting from 13.11 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible that a project member demoted to a user role to read project updates by doing a diff with a pre-existing fork.
{
"affected": [],
"aliases": [
"CVE-2023-0485"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-03T21:15:16Z",
"severity": "MODERATE"
},
"details": "An issue has been discovered in GitLab affecting all versions starting from 13.11 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible that a project member demoted to a user role to read project updates by doing a diff with a pre-existing fork.",
"id": "GHSA-c6r9-q7wr-w7fv",
"modified": "2024-04-04T03:47:31Z",
"published": "2023-05-03T21:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0485"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/1837937"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0485.json"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/389191"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C6RP-8VM7-PM5G
Vulnerability from github – Published: 2022-05-11 00:00 – Updated: 2025-01-02 21:31Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29122, CVE-2022-29123, CVE-2022-29134.
{
"affected": [],
"aliases": [
"CVE-2022-29120"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-10T21:15:00Z",
"severity": "MODERATE"
},
"details": "Windows Clustered Shared Volume Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-29122, CVE-2022-29123, CVE-2022-29134.",
"id": "GHSA-c6rp-8vm7-pm5g",
"modified": "2025-01-02T21:31:34Z",
"published": "2022-05-11T00:00:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29120"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29120"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29120"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C72P-9XMJ-RX3W
Vulnerability from github – Published: 2021-07-26 21:17 – Updated: 2024-01-31 15:31Impact
A bug was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process.
Patches
This bug has been fixed in containerd 1.5.4 and 1.4.8. Users should update to these versions as soon as they are released. Running containers do not need to be restarted.
Workarounds
Ensure you only pull images from trusted sources.
Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with unexpected files.
For more information
If you have any questions or comments about this advisory:
- Open an issue
- Email us at security@containerd.io if you think you’ve found a security bug.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/containerd/containerd"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/containerd/containerd"
},
"ranges": [
{
"events": [
{
"introduced": "1.5.0"
},
{
"fixed": "1.5.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-32760"
],
"database_specific": {
"cwe_ids": [
"CWE-668",
"CWE-732"
],
"github_reviewed": true,
"github_reviewed_at": "2021-07-22T20:21:14Z",
"nvd_published_at": "2021-07-19T21:15:00Z",
"severity": "MODERATE"
},
"details": "## Impact\n\nA bug was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host\u2019s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process.\n\n## Patches\n\nThis bug has been fixed in containerd 1.5.4 and 1.4.8. Users should update to these versions as soon as they are released. Running containers do not need to be restarted.\n\n## Workarounds\n\nEnsure you only pull images from trusted sources.\n\nLinux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with unexpected files.\n\n## For more information\n\nIf you have any questions or comments about this advisory:\n\n* [Open an issue](https://github.com/containerd/containerd/issues/new/choose)\n* Email us at security@containerd.io if you think you\u2019ve found a security bug.",
"id": "GHSA-c72p-9xmj-rx3w",
"modified": "2024-01-31T15:31:56Z",
"published": "2021-07-26T21:17:45Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32760"
},
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/commit/22e9a70c71eff6507be71955947a611f2ed91e6c"
},
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/commit/7ad08c69e09ee4930a48dbf2aab3cd612458617f"
},
{
"type": "PACKAGE",
"url": "https://github.com/containerd/containerd"
},
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/releases/tag/v1.4.8"
},
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/releases/tag/v1.5.4"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-31"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "Archive package allows chmod of file outside of unpack target directory"
}
GHSA-C76P-CR59-2V5J
Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-07-13 00:01Releases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure Vulnerability.
{
"affected": [],
"aliases": [
"CVE-2021-22034"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-21T20:15:00Z",
"severity": "HIGH"
},
"details": "Releases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure Vulnerability.",
"id": "GHSA-c76p-cr59-2v5j",
"modified": "2022-07-13T00:01:08Z",
"published": "2022-05-24T19:18:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22034"
},
{
"type": "WEB",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0024.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C779-GMGX-23PC
Vulnerability from github – Published: 2022-01-11 00:01 – Updated: 2022-08-31 00:00The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data.
{
"affected": [],
"aliases": [
"CVE-2021-23173"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-10T14:10:00Z",
"severity": "MODERATE"
},
"details": "The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data.",
"id": "GHSA-c779-gmgx-23pc",
"modified": "2022-08-31T00:00:20Z",
"published": "2022-01-11T00:01:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23173"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-006-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C7JV-4HGW-738V
Vulnerability from github – Published: 2022-05-24 19:13 – Updated: 2022-07-13 00:01A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4. A local user may be able to write arbitrary files.
{
"affected": [],
"aliases": [
"CVE-2021-1807"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-08T15:15:00Z",
"severity": "MODERATE"
},
"details": "A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4. A local user may be able to write arbitrary files.",
"id": "GHSA-c7jv-4hgw-738v",
"modified": "2022-07-13T00:01:01Z",
"published": "2022-05-24T19:13:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1807"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT212317"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT212324"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C7PF-4HV4-Q9H9
Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS.
{
"affected": [],
"aliases": [
"CVE-2021-36192"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-03T11:15:00Z",
"severity": "LOW"
},
"details": "An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS.",
"id": "GHSA-c7pf-4hv4-q9h9",
"modified": "2022-05-24T19:19:35Z",
"published": "2022-05-24T19:19:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36192"
},
{
"type": "WEB",
"url": "https://fortiguard.com/advisory/FG-IR-21-103"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C7XW-W4H7-P66C
Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.service.service_005ffailures_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5192.
{
"affected": [],
"aliases": [
"CVE-2017-16601"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-01-23T01:29:00Z",
"severity": "MODERATE"
},
"details": "This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.service.service_005ffailures_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5192.",
"id": "GHSA-c7xw-w4h7-p66c",
"modified": "2022-05-13T01:37:23Z",
"published": "2022-05-13T01:37:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16601"
},
{
"type": "WEB",
"url": "https://zerodayinitiative.com/advisories/ZDI-17-966"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C86X-VFVF-3HM7
Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-10-26 12:00Adobe Premiere Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.
{
"affected": [],
"aliases": [
"CVE-2021-28623"
],
"database_specific": {
"cwe_ids": [
"CWE-379",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-28T15:15:00Z",
"severity": "MODERATE"
},
"details": "Adobe Premiere Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.",
"id": "GHSA-c86x-vfvf-3hm7",
"modified": "2022-10-26T12:00:31Z",
"published": "2022-05-24T19:06:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28623"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/premiere_elements/apsb21-47.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.