Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1251 vulnerabilities reference this CWE, most recent first.

GHSA-WR95-679J-87V9

Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-05-24 19:07
VLAI
Details

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31810"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-13T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).",
  "id": "GHSA-wr95-679j-87v9",
  "modified": "2022-05-24T19:07:36Z",
  "published": "2022-05-24T19:07:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31810"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1145454"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MWXHK5UUHVSHF7HTHMX6JY3WXDVNIHSL"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWXHK5UUHVSHF7HTHMX6JY3WXDVNIHSL"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202401-27"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210917-0001"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WRWG-GCQP-2G8M

Vulnerability from github – Published: 2022-09-09 00:00 – Updated: 2022-09-16 00:00
VLAI
Details

A local file inclusion (LFI) vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service (DoS) or access sensitive server information via manipulation of the getpage parameter in a crafted web request.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-38258"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-08T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "A local file inclusion (LFI) vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service (DoS) or access sensitive server information via manipulation of the getpage parameter in a crafted web request.",
  "id": "GHSA-wrwg-gcqp-2g8m",
  "modified": "2022-09-16T00:00:40Z",
  "published": "2022-09-09T00:00:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38258"
    },
    {
      "type": "WEB",
      "url": "https://whokilleddb.github.io/blogs/posts/dlink_dir-819_lfi_and_dos"
    },
    {
      "type": "WEB",
      "url": "https://www.dlink.com/en/security-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WV26-88M5-6H59

Vulnerability from github – Published: 2026-05-05 18:37 – Updated: 2026-05-13 14:18
VLAI
Summary
External Secrets Operator has Namespace Isolation Bypass in CAProvider ConfigMap Resolution for SecretStore
Details

Impact

Namespaced SecretStore resources that used CAProvider with type ConfigMap could resolve CA material from another namespace when caProvider.namespace was set. This bypassed the namespace boundary enforced for SecretStore-backed references in providers that rely on the shared runtime CA resolver.

The accessible data is used as CA validation material, hence it is not directly exposed.

Impact: - Direct data exfiltration risk: low - Existence disclosure: an attacker can infer whether a target ConfigMap/key exists in another namespace. - Trust-boundary violation: a tenant can make its SecretStore consume CA material owned by another namespace.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/external-secrets/external-secrets"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-42875"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-285",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-05T18:37:12Z",
    "nvd_published_at": "2026-05-11T20:25:44Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nNamespaced SecretStore resources that used CAProvider with type `ConfigMap` could resolve CA material from another namespace when `caProvider.namespace` was set. \nThis bypassed the namespace boundary enforced for SecretStore-backed references in providers that rely on the shared runtime CA resolver. \n\nThe accessible data is used as CA validation material, hence it is not directly exposed.\n\nImpact:\n- Direct data exfiltration risk: low\n- Existence disclosure: an attacker can infer whether a target ConfigMap/key exists in another namespace.\n- Trust-boundary violation: a tenant can make its SecretStore consume CA material owned by another namespace.",
  "id": "GHSA-wv26-88m5-6h59",
  "modified": "2026-05-13T14:18:52Z",
  "published": "2026-05-05T18:37:12Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/external-secrets/external-secrets/security/advisories/GHSA-wv26-88m5-6h59"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42875"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/external-secrets/external-secrets"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "External Secrets Operator has Namespace Isolation Bypass in CAProvider ConfigMap Resolution for SecretStore"
}

GHSA-WV3W-FCVM-P52V

Vulnerability from github – Published: 2021-12-15 00:01 – Updated: 2021-12-18 00:01
VLAI
Details

A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal message broker system. This could allow an unauthenticated remote attacker to subscribe to arbitrary message queues.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-44522"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-14T12:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions \u003c V1.6.284.0). Affected applications insufficiently limit the access to the internal message broker system. This could allow an unauthenticated remote attacker to subscribe to arbitrary message queues.",
  "id": "GHSA-wv3w-fcvm-p52v",
  "modified": "2021-12-18T00:01:57Z",
  "published": "2021-12-15T00:01:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44522"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-160202.pdf"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-463116.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-WV48-PVF9-QV86

Vulnerability from github – Published: 2023-01-03 00:30 – Updated: 2023-01-09 21:30
VLAI
Details

Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. (Chrome security severity: Low)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-4025"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-02T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. (Chrome security severity: Low)",
  "id": "GHSA-wv48-pvf9-qv86",
  "modified": "2023-01-09T21:30:22Z",
  "published": "2023-01-03T00:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4025"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1260250"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WV7P-48P2-XRVW

Vulnerability from github – Published: 2022-04-28 00:00 – Updated: 2022-05-05 00:00
VLAI
Details

IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-38874"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-27T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397.",
  "id": "GHSA-wv7p-48p2-xrvw",
  "modified": "2022-05-05T00:00:32Z",
  "published": "2022-04-28T00:00:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38874"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/208397"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6574787"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WVVH-P7C3-9MR7

Vulnerability from github – Published: 2023-11-13 18:30 – Updated: 2023-11-13 18:30
VLAI
Details

Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-42546"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-07T08:15:21Z",
    "severity": "MODERATE"
  },
  "details": "Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.",
  "id": "GHSA-wvvh-p7c3-9mr7",
  "modified": "2023-11-13T18:30:59Z",
  "published": "2023-11-13T18:30:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42546"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023\u0026month=11"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WVW9-5VQ9-WMCQ

Vulnerability from github – Published: 2022-10-07 18:15 – Updated: 2022-10-10 00:00
VLAI
Details

IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22480"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-07T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889.",
  "id": "GHSA-wvw9-5vq9-wmcq",
  "modified": "2022-10-10T00:00:32Z",
  "published": "2022-10-07T18:15:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22480"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225889"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6826695"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WWP8-3R8G-W274

Vulnerability from github – Published: 2022-07-13 00:01 – Updated: 2022-07-16 00:00
VLAI
Details

Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-33694"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-12T14:15:00Z",
    "severity": "LOW"
  },
  "details": "Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting.",
  "id": "GHSA-wwp8-3r8g-w274",
  "modified": "2022-07-16T00:00:22Z",
  "published": "2022-07-13T00:01:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33694"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WWR3-QQ72-5VCC

Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-05-24 19:18
VLAI
Details

Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39127"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-21T03:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.",
  "id": "GHSA-wwr3-qq72-5vcc",
  "modified": "2022-05-24T19:18:30Z",
  "published": "2022-05-24T19:18:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39127"
    },
    {
      "type": "WEB",
      "url": "https://jira.atlassian.com/browse/JRASERVER-72003"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.