Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1251 vulnerabilities reference this CWE, most recent first.

GHSA-CVH5-P6R6-G2QC

Vulnerability from github – Published: 2021-08-30 16:13 – Updated: 2021-08-26 20:11
VLAI
Summary
Exposed phpinfo() leadked via documentation files
Details

Impact

The phpinfo() can be exposed if the /vendor is not protected from public access. This is a rare situation today since the vendor directory is often located outside the web directory or protected via server rule (.htaccess, etc).

Patches

Only the v6, v7 and v8 will be patched respectively in 8.0.7, 7.1.2, 6.1.5. Older versions such as v5, v4 are not longer supported and will NOT be patched.

Workarounds

Protect the /vendor directory from public access.

References

The first issue revealing this vulnerability is located here: https://github.com/flextype/flextype/issues/567 V6 fix: https://github.com/PHPSocialNetwork/phpfastcache/pull/815 V7 fix: https://github.com/PHPSocialNetwork/phpfastcache/pull/814 V8 fix: https://github.com/PHPSocialNetwork/phpfastcache/pull/813

For more information

If you have any questions or comments about this advisory: * Open an issue in our issue tracker * Email us at security@geolim4.com

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "phpfastcache/phpfastcache"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "phpfastcache/phpfastcache"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "phpfastcache/phpfastcache"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.0.0"
            },
            {
              "fixed": "8.0.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-37704"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-26T20:11:49Z",
    "nvd_published_at": "2021-08-12T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nThe `phpinfo()` can be exposed if the `/vendor` is not protected from public access. This is a rare situation today since the vendor directory is often located outside the web directory or protected via server rule (.htaccess, etc).\n\n### Patches\nOnly the v6, v7 and v8 will be patched respectively in 8.0.7, 7.1.2, 6.1.5.\nOlder versions such as v5, v4 are not longer supported and will **NOT** be patched.\n\n### Workarounds\nProtect the `/vendor` directory from public access.\n\n### References\nThe first issue revealing this vulnerability is located here: https://github.com/flextype/flextype/issues/567\nV6 fix: https://github.com/PHPSocialNetwork/phpfastcache/pull/815\nV7 fix: https://github.com/PHPSocialNetwork/phpfastcache/pull/814\nV8 fix: https://github.com/PHPSocialNetwork/phpfastcache/pull/813\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [our issue tracker](https://github.com/PHPSocialNetwork/phpfastcache/issues)\n* Email us at [security@geolim4.com](mailto:security@geolim4.com)\n",
  "id": "GHSA-cvh5-p6r6-g2qc",
  "modified": "2021-08-26T20:11:49Z",
  "published": "2021-08-30T16:13:40Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/PHPSocialNetwork/phpfastcache/security/advisories/GHSA-cvh5-p6r6-g2qc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37704"
    },
    {
      "type": "WEB",
      "url": "https://github.com/flextype/flextype/issues/567"
    },
    {
      "type": "WEB",
      "url": "https://github.com/PHPSocialNetwork/phpfastcache/pull/813"
    },
    {
      "type": "WEB",
      "url": "https://github.com/PHPSocialNetwork/phpfastcache/pull/814"
    },
    {
      "type": "WEB",
      "url": "https://github.com/PHPSocialNetwork/phpfastcache/pull/815"
    },
    {
      "type": "WEB",
      "url": "https://github.com/PHPSocialNetwork/phpfastcache/commit/41a77d0d8f126dbd6fbedcd9e6a82e86cdaafa51"
    },
    {
      "type": "WEB",
      "url": "https://github.com/PHPSocialNetwork/phpfastcache/blob/master/CHANGELOG.md#807"
    },
    {
      "type": "WEB",
      "url": "https://packagist.org/packages/phpfastcache/phpfastcache"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Exposed phpinfo() leadked via documentation files"
}

GHSA-CVHX-QP79-FG83

Vulnerability from github – Published: 2023-12-04 03:30 – Updated: 2023-12-07 18:30
VLAI
Details

In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-42715"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-04T01:15:10Z",
    "severity": "MODERATE"
  },
  "details": "In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed",
  "id": "GHSA-cvhx-qp79-fg83",
  "modified": "2023-12-07T18:30:27Z",
  "published": "2023-12-04T03:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42715"
    },
    {
      "type": "WEB",
      "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CVX5-M8VG-VXGC

Vulnerability from github – Published: 2022-04-28 21:16 – Updated: 2022-04-28 21:16
VLAI
Summary
Arbitrary filesystem write access from velocity.
Details

Impact

The velocity scripts is not properly sandboxed against using the Java File API to perform read or write operations on the filesystem. Now writing an attacking script in velocity requires the Script rights in XWiki so not all users can use it, and it also requires finding an XWiki API which returns a File.

Patches

The problem has been patched on versions 12.6.7, 12.10.3 and 13.0RC1.

Workarounds

There's no easy workaround for fixing this vulnerability other than upgrading and being careful when giving Script rights.

References

https://jira.xwiki.org/browse/XWIKI-5168

For more information

If you have any questions or comments about this advisory: * Open an issue in Jira XWiki * Email us at XWiki Security mailing-list

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.xwiki.commons:xwiki-commons-velocity"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "12.6.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.xwiki.commons:xwiki-commons-velocity"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "12.7.0"
            },
            {
              "fixed": "12.10.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-24897"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-04-28T21:16:40Z",
    "nvd_published_at": "2022-05-02T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nThe velocity scripts is not properly sandboxed against using the Java File API to perform read or write operations on the filesystem. Now writing an attacking script in velocity requires the Script rights in XWiki so not all users can use it, and it also requires finding an XWiki API which returns a File. \n\n### Patches\nThe problem has been patched on versions 12.6.7, 12.10.3 and 13.0RC1.\n\n### Workarounds\nThere\u0027s no easy workaround for fixing this vulnerability other than upgrading and being careful when giving Script rights.\n\n### References\nhttps://jira.xwiki.org/browse/XWIKI-5168\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Jira XWiki](https://jira.xwiki.org)\n* Email us at [XWiki Security mailing-list](mailto:security@xwiki.org)\n",
  "id": "GHSA-cvx5-m8vg-vxgc",
  "modified": "2022-04-28T21:16:40Z",
  "published": "2022-04-28T21:16:40Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/xwiki/xwiki-commons/security/advisories/GHSA-cvx5-m8vg-vxgc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24897"
    },
    {
      "type": "WEB",
      "url": "https://github.com/xwiki/xwiki-commons/pull/127"
    },
    {
      "type": "WEB",
      "url": "https://github.com/xwiki/xwiki-commons/commit/215951cfb0f808d0bf5b1097c9e7d1e503449ab8"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/xwiki/xwiki-commons"
    },
    {
      "type": "WEB",
      "url": "https://jira.xwiki.org/browse/XWIKI-5168"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Arbitrary filesystem write access from velocity."
}

GHSA-CW64-PQ7M-342R

Vulnerability from github – Published: 2023-02-20 03:30 – Updated: 2025-03-18 15:30
VLAI
Details

In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-26081"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-20T03:15:00Z",
    "severity": "HIGH"
  },
  "details": "In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.",
  "id": "GHSA-cw64-pq7m-342r",
  "modified": "2025-03-18T15:30:35Z",
  "published": "2023-02-20T03:30:18Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9x"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26081"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CW9V-Q2H7-7X99

Vulnerability from github – Published: 2022-05-24 19:01 – Updated: 2022-05-24 19:01
VLAI
Details

A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to read arbitrary files that they originally did not have permissions to access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-1438"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-06T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to read arbitrary files that they originally did not have permissions to access.",
  "id": "GHSA-cw9v-q2h7-7x99",
  "modified": "2022-05-24T19:01:36Z",
  "published": "2022-05-24T19:01:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1438"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-waas-infdisc-Twb4EypK"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-CX6R-G7FP-47W8

Vulnerability from github – Published: 2022-05-24 22:28 – Updated: 2022-07-13 00:01
VLAI
Details

A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to access a user’s recent Contacts.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-30803"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-08T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to access a user\u2019s recent Contacts.",
  "id": "GHSA-cx6r-g7fp-47w8",
  "modified": "2022-07-13T00:01:24Z",
  "published": "2022-05-24T22:28:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30803"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT212602"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CXCG-FX4Q-4W62

Vulnerability from github – Published: 2022-05-24 22:00 – Updated: 2022-05-24 22:00
VLAI
Details

An exploitable local privilege elevation vulnerability exists in the file system permissions of the Temp directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with SYSTEM privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-4048"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-30T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with SYSTEM privileges.",
  "id": "GHSA-cxcg-fx4q-4w62",
  "modified": "2022-05-24T22:00:01Z",
  "published": "2022-05-24T22:00:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4048"
    },
    {
      "type": "WEB",
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0722"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CXJM-5X23-FHVF

Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-07-13 00:01
VLAI
Details

IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1 when using domains or multi-tenancy could be vulnerable to information disclosure between tenants by routing SIEM data to the incorrect domain. IBM X-Force ID: 206979.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-29880"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-13T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1 when using domains or multi-tenancy could be vulnerable to information disclosure between tenants by routing SIEM data to the incorrect domain. IBM X-Force ID: 206979.",
  "id": "GHSA-cxjm-5x23-fhvf",
  "modified": "2022-07-13T00:01:17Z",
  "published": "2022-05-24T19:11:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29880"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/206979"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6480957"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F243-59WC-PC7V

Vulnerability from github – Published: 2023-09-20 03:30 – Updated: 2024-04-04 07:45
VLAI
Details

NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-31014"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668",
      "CWE-927"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-20T02:15:20Z",
    "severity": "MODERATE"
  },
  "details": "NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution.",
  "id": "GHSA-f243-59wc-pc7v",
  "modified": "2024-04-04T07:45:22Z",
  "published": "2023-09-20T03:30:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31014"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5476"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-F266-V5MW-4629

Vulnerability from github – Published: 2022-06-15 00:00 – Updated: 2022-06-23 00:00
VLAI
Details

Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-35092"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-14T10:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music",
  "id": "GHSA-f266-v5mw-4629",
  "modified": "2022-06-23T00:00:23Z",
  "published": "2022-06-15T00:00:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35092"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.