Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1252 vulnerabilities reference this CWE, most recent first.

GHSA-CG75-6938-WX58

Vulnerability from github – Published: 2020-03-13 20:04 – Updated: 2024-09-20 14:58
VLAI
Summary
python-docutils allows insecure usage of temporary files
Details

python-docutils allows insecure usage of temporary files.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "docutils"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.5"
            },
            {
              "fixed": "0.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2009-5042"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-03-13T20:03:40Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "python-docutils allows insecure usage of temporary files.",
  "id": "GHSA-cg75-6938-wx58",
  "modified": "2024-09-20T14:58:26Z",
  "published": "2020-03-13T20:04:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-5042"
    },
    {
      "type": "WEB",
      "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560755"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-cg75-6938-wx58"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/docutils/PYSEC-2019-176.yaml"
    },
    {
      "type": "WEB",
      "url": "https://security-tracker.debian.org/tracker/CVE-2009-5042"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "python-docutils allows insecure usage of temporary files"
}

GHSA-CG79-XXVP-6224

Vulnerability from github – Published: 2022-03-09 00:00 – Updated: 2024-05-14 18:30
VLAI
Details

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.29), Mendix Applications using Mendix 8 (All versions < V8.18.16), Mendix Applications using Mendix 9 (All versions). If an entity has an association readable by the user, then in some cases, Mendix Runtime may not apply checks for XPath constraints that parse said associations, within apps running on affected versions. A malicious user could use this to dump and manipulate sensitive data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-24309"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-08T12:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions \u003c V7.23.29), Mendix Applications using Mendix 8 (All versions \u003c V8.18.16), Mendix Applications using Mendix 9 (All versions). If an entity has an association readable by the user, then in some cases, Mendix Runtime may not apply checks for XPath constraints that parse said associations, within apps running on affected versions. A malicious user could use this to dump and manipulate sensitive data.",
  "id": "GHSA-cg79-xxvp-6224",
  "modified": "2024-05-14T18:30:33Z",
  "published": "2022-03-09T00:00:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24309"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-148641.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-148641.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CG7Q-FG22-4G98

Vulnerability from github – Published: 2026-04-03 03:07 – Updated: 2026-05-06 19:12
VLAI
Summary
OpenClaw: Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables
Details

Summary

Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables

Current Maintainer Triage

  • Normalized severity: medium
  • Assessment: v2026.3.28 also misses the broader package, registry, compiler, Docker, and TLS env family in the shipped host-env policy, and the unreleased main fix means this is a real medium-severity open issue.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published npm version: 2026.3.31
  • Vulnerable version range: <=2026.3.28
  • Patched versions: >= 2026.3.31
  • First stable tag containing the fix: v2026.3.31

Fix Commit(s)

  • eb8de6715f02949c21c4e895fffc8a6dcb00975c — 2026-03-31T19:37:43+09:00

OpenClaw thanks @tdjackey for reporting.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2026.3.28"
      },
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.3.31"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-41369"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-184",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-03T03:07:13Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "## Summary\nHost exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables\n\n## Current Maintainer Triage\n- Normalized severity: medium\n- Assessment: v2026.3.28 also misses the broader package, registry, compiler, Docker, and TLS env family in the shipped host-env policy, and the unreleased main fix means this is a real medium-severity open issue.\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Latest published npm version: `2026.3.31`\n- Vulnerable version range: `\u003c=2026.3.28`\n- Patched versions: `\u003e= 2026.3.31`\n- First stable tag containing the fix: `v2026.3.31`\n\n## Fix Commit(s)\n- `eb8de6715f02949c21c4e895fffc8a6dcb00975c` \u2014 2026-03-31T19:37:43+09:00\n\nOpenClaw thanks @tdjackey for reporting.",
  "id": "GHSA-cg7q-fg22-4g98",
  "modified": "2026-05-06T19:12:01Z",
  "published": "2026-04-03T03:07:13Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-cg7q-fg22-4g98"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/eb8de6715f02949c21c4e895fffc8a6dcb00975c"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.3.31"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-insufficient-environment-variable-sanitization-in-host-execution"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw: Host exec environment sanitization misses package, registry, Docker, compiler, and TLS override variables"
}

GHSA-CHQ4-R76R-RH84

Vulnerability from github – Published: 2022-10-07 18:15 – Updated: 2022-10-12 12:00
VLAI
Details

Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-39867"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-07T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.",
  "id": "GHSA-chq4-r76r-rh84",
  "modified": "2022-10-12T12:00:24Z",
  "published": "2022-10-07T18:15:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39867"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CHRV-P5RC-J7C8

Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-10-06 00:00
VLAI
Details

SAP Internet Communication framework (ICM) - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785, allows an attacker with logon functionality, to exploit the authentication function by using POST and form field to repeat executions of the initial command by a GET request and exposing sensitive data. This vulnerability is normally exposed over the network and successful exploitation can lead to exposure of data like system details.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-40496"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-12T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "SAP Internet Communication framework (ICM) - versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 785, allows an attacker with logon functionality, to exploit the authentication function by using POST and form field to repeat executions of the initial command by a GET request and exposing sensitive data. This vulnerability is normally exposed over the network and successful exploitation can lead to exposure of data like system details.",
  "id": "GHSA-chrv-p5rc-j7c8",
  "modified": "2022-10-06T00:00:57Z",
  "published": "2022-05-24T19:17:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40496"
    },
    {
      "type": "WEB",
      "url": "https://launchpad.support.sap.com/#/notes/3087254"
    },
    {
      "type": "WEB",
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CHVG-47QC-PRXJ

Vulnerability from github – Published: 2022-05-20 00:00 – Updated: 2022-06-03 00:00
VLAI
Details

Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 causes potentially sensitive integration properties to be disclosed in the web interface

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-1413"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-19T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 causes potentially sensitive integration properties to be disclosed in the web interface",
  "id": "GHSA-chvg-47qc-prxj",
  "modified": "2022-06-03T00:00:54Z",
  "published": "2022-05-20T00:00:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1413"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1413.json"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/353720"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CJJR-H37F-5XW7

Vulnerability from github – Published: 2023-07-26 09:30 – Updated: 2024-04-04 06:21
VLAI
Details

An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-1401"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-201",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-26T07:15:09Z",
    "severity": "MODERATE"
  },
  "details": "An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization.",
  "id": "GHSA-cjjr-h37f-5xw7",
  "modified": "2024-04-04T06:21:41Z",
  "published": "2023-07-26T09:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1401"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1889255"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/396533"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CJPJ-XR8X-3RG7

Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-05-24 17:33
VLAI
Details

A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper storage of sensitive information on an affected device. An attacker could exploit this vulnerability by accessing information that should not be accessible to users with low privileges. A successful exploit could allow the attacker to gain access to sensitive information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-26086"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-06T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper storage of sensitive information on an affected device. An attacker could exploit this vulnerability by accessing information that should not be accessible to users with low privileges. A successful exploit could allow the attacker to gain access to sensitive information.",
  "id": "GHSA-cjpj-xr8x-3rg7",
  "modified": "2022-05-24T17:33:18Z",
  "published": "2022-05-24T17:33:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26086"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tele-info-DrEGLpDQ"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-CJQ3-Q65F-328C

Vulnerability from github – Published: 2022-07-07 00:00 – Updated: 2026-07-05 00:31
VLAI
Details

In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to connect to the attacker which will lead to either escalation of privileges (through token manipulation and ImpersonateNamedPipeClient() ) from ADMIN -> SYSTEM or from Local ADMIN-> Domain ADMIN depending on the user and named pipe that is used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-24139"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-06T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService\u0027s named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to connect to the attacker which will lead to either escalation of privileges (through token manipulation and ImpersonateNamedPipeClient() ) from ADMIN -\u003e SYSTEM or from Local ADMIN-\u003e Domain ADMIN depending on the user and named pipe that is used.",
  "id": "GHSA-cjq3-q65f-328c",
  "modified": "2026-07-05T00:31:33Z",
  "published": "2022-07-07T00:00:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24139"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tomerpeled92/CVE"
    },
    {
      "type": "WEB",
      "url": "http://advanced.com"
    },
    {
      "type": "WEB",
      "url": "http://iobit.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CM3C-7FFR-R2CR

Vulnerability from github – Published: 2022-10-19 19:00 – Updated: 2022-10-21 19:01
VLAI
Details

The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2013-4253"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-377",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-19T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "The deployment script in the unsupported \"OpenShift Extras\" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user\u0027s authorized_keys file.",
  "id": "GHSA-cm3c-7ffr-r2cr",
  "modified": "2022-10-21T19:01:13Z",
  "published": "2022-10-19T19:00:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4253"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openshift/openshift-extras/blob/enterprise-2.0/README.md#security-notice"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2014/06/05/19"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.