CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1251 vulnerabilities reference this CWE, most recent first.
GHSA-WR95-679J-87V9
Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-05-24 19:07An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
{
"affected": [],
"aliases": [
"CVE-2021-31810"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-13T13:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).",
"id": "GHSA-wr95-679j-87v9",
"modified": "2022-05-24T19:07:36Z",
"published": "2022-05-24T19:07:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31810"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/1145454"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00033.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MWXHK5UUHVSHF7HTHMX6JY3WXDVNIHSL"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWXHK5UUHVSHF7HTHMX6JY3WXDVNIHSL"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-27"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210917-0001"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"type": "WEB",
"url": "https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WRWG-GCQP-2G8M
Vulnerability from github – Published: 2022-09-09 00:00 – Updated: 2022-09-16 00:00A local file inclusion (LFI) vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service (DoS) or access sensitive server information via manipulation of the getpage parameter in a crafted web request.
{
"affected": [],
"aliases": [
"CVE-2022-38258"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-08T18:15:00Z",
"severity": "HIGH"
},
"details": "A local file inclusion (LFI) vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service (DoS) or access sensitive server information via manipulation of the getpage parameter in a crafted web request.",
"id": "GHSA-wrwg-gcqp-2g8m",
"modified": "2022-09-16T00:00:40Z",
"published": "2022-09-09T00:00:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38258"
},
{
"type": "WEB",
"url": "https://whokilleddb.github.io/blogs/posts/dlink_dir-819_lfi_and_dos"
},
{
"type": "WEB",
"url": "https://www.dlink.com/en/security-bulletin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WV26-88M5-6H59
Vulnerability from github – Published: 2026-05-05 18:37 – Updated: 2026-05-13 14:18Impact
Namespaced SecretStore resources that used CAProvider with type ConfigMap could resolve CA material from another namespace when caProvider.namespace was set.
This bypassed the namespace boundary enforced for SecretStore-backed references in providers that rely on the shared runtime CA resolver.
The accessible data is used as CA validation material, hence it is not directly exposed.
Impact: - Direct data exfiltration risk: low - Existence disclosure: an attacker can infer whether a target ConfigMap/key exists in another namespace. - Trust-boundary violation: a tenant can make its SecretStore consume CA material owned by another namespace.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/external-secrets/external-secrets"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-42875"
],
"database_specific": {
"cwe_ids": [
"CWE-285",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-05T18:37:12Z",
"nvd_published_at": "2026-05-11T20:25:44Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nNamespaced SecretStore resources that used CAProvider with type `ConfigMap` could resolve CA material from another namespace when `caProvider.namespace` was set. \nThis bypassed the namespace boundary enforced for SecretStore-backed references in providers that rely on the shared runtime CA resolver. \n\nThe accessible data is used as CA validation material, hence it is not directly exposed.\n\nImpact:\n- Direct data exfiltration risk: low\n- Existence disclosure: an attacker can infer whether a target ConfigMap/key exists in another namespace.\n- Trust-boundary violation: a tenant can make its SecretStore consume CA material owned by another namespace.",
"id": "GHSA-wv26-88m5-6h59",
"modified": "2026-05-13T14:18:52Z",
"published": "2026-05-05T18:37:12Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/external-secrets/external-secrets/security/advisories/GHSA-wv26-88m5-6h59"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42875"
},
{
"type": "PACKAGE",
"url": "https://github.com/external-secrets/external-secrets"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
}
],
"summary": "External Secrets Operator has Namespace Isolation Bypass in CAProvider ConfigMap Resolution for SecretStore"
}
GHSA-WV3W-FCVM-P52V
Vulnerability from github – Published: 2021-12-15 00:01 – Updated: 2021-12-18 00:01A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions < V1.6.284.0). Affected applications insufficiently limit the access to the internal message broker system. This could allow an unauthenticated remote attacker to subscribe to arbitrary message queues.
{
"affected": [],
"aliases": [
"CVE-2021-44522"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-14T12:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identity V1.5 (All versions), Siveillance Identity V1.6 (All versions \u003c V1.6.284.0). Affected applications insufficiently limit the access to the internal message broker system. This could allow an unauthenticated remote attacker to subscribe to arbitrary message queues.",
"id": "GHSA-wv3w-fcvm-p52v",
"modified": "2021-12-18T00:01:57Z",
"published": "2021-12-15T00:01:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44522"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-160202.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-463116.pdf"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-WV48-PVF9-QV86
Vulnerability from github – Published: 2023-01-03 00:30 – Updated: 2023-01-09 21:30Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. (Chrome security severity: Low)
{
"affected": [],
"aliases": [
"CVE-2022-4025"
],
"database_specific": {
"cwe_ids": [
"CWE-203",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-01-02T23:15:00Z",
"severity": "MODERATE"
},
"details": "Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. (Chrome security severity: Low)",
"id": "GHSA-wv48-pvf9-qv86",
"modified": "2023-01-09T21:30:22Z",
"published": "2023-01-03T00:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4025"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1260250"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WV7P-48P2-XRVW
Vulnerability from github – Published: 2022-04-28 00:00 – Updated: 2022-05-05 00:00IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397.
{
"affected": [],
"aliases": [
"CVE-2021-38874"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-27T16:15:00Z",
"severity": "MODERATE"
},
"details": "IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397.",
"id": "GHSA-wv7p-48p2-xrvw",
"modified": "2022-05-05T00:00:32Z",
"published": "2022-04-28T00:00:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38874"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/208397"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6574787"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WVVH-P7C3-9MR7
Vulnerability from github – Published: 2023-11-13 18:30 – Updated: 2023-11-13 18:30Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
{
"affected": [],
"aliases": [
"CVE-2023-42546"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-07T08:15:21Z",
"severity": "MODERATE"
},
"details": "Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.",
"id": "GHSA-wvvh-p7c3-9mr7",
"modified": "2023-11-13T18:30:59Z",
"published": "2023-11-13T18:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42546"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023\u0026month=11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WVW9-5VQ9-WMCQ
Vulnerability from github – Published: 2022-10-07 18:15 – Updated: 2022-10-10 00:00IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889.
{
"affected": [],
"aliases": [
"CVE-2022-22480"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-07T17:15:00Z",
"severity": "HIGH"
},
"details": "IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889.",
"id": "GHSA-wvw9-5vq9-wmcq",
"modified": "2022-10-10T00:00:32Z",
"published": "2022-10-07T18:15:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22480"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225889"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6826695"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WWP8-3R8G-W274
Vulnerability from github – Published: 2022-07-13 00:01 – Updated: 2022-07-16 00:00Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting.
{
"affected": [],
"aliases": [
"CVE-2022-33694"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-12T14:15:00Z",
"severity": "LOW"
},
"details": "Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting.",
"id": "GHSA-wwp8-3r8g-w274",
"modified": "2022-07-16T00:00:22Z",
"published": "2022-07-13T00:01:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33694"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WWR3-QQ72-5VCC
Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-05-24 19:18Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.
{
"affected": [],
"aliases": [
"CVE-2021-39127"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-21T03:15:00Z",
"severity": "MODERATE"
},
"details": "Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.",
"id": "GHSA-wwr3-qq72-5vcc",
"modified": "2022-05-24T19:18:30Z",
"published": "2022-05-24T19:18:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39127"
},
{
"type": "WEB",
"url": "https://jira.atlassian.com/browse/JRASERVER-72003"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.