Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1252 vulnerabilities reference this CWE, most recent first.

GHSA-GM4C-PH85-6CHJ

Vulnerability from github – Published: 2026-05-19 15:31 – Updated: 2026-05-19 18:32
VLAI
Details

Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-8958"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-19T14:16:52Z",
    "severity": "HIGH"
  },
  "details": "Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.",
  "id": "GHSA-gm4c-ph85-6chj",
  "modified": "2026-05-19T18:32:09Z",
  "published": "2026-05-19T15:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8958"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2034713"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-46"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-48"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-50"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2026-51"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GMH5-5F53-3929

Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-07-13 00:00
VLAI
Details

An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-36476"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-212",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-23T02:15:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory.",
  "id": "GHSA-gmh5-5f53-3929",
  "modified": "2022-07-13T00:00:51Z",
  "published": "2022-05-24T19:11:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36476"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.24.0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.17"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GP4Q-V358-XP7J

Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-07-13 00:01
VLAI
Details

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page (that can only be viewed by an administrator). While hidden from direct view, checking the page source would reveal the secret.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-40086"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-25T02:15:00Z",
    "severity": "LOW"
  },
  "details": "An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page (that can only be viewed by an administrator). While hidden from direct view, checking the page source would reveal the secret.",
  "id": "GHSA-gp4q-v358-xp7j",
  "modified": "2022-07-13T00:01:39Z",
  "published": "2022-05-24T19:12:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40086"
    },
    {
      "type": "WEB",
      "url": "https://support.primekey.com/news/posts/52"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GQ3Q-WC77-8WXX

Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-07-13 00:01
VLAI
Details

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly executed certain rules related to blocking accounts after account creation. Such rules would allow for user accounts to be created while blocking only the IP address used to create an account (and not the user account itself). Such rules could also be used by a nefarious, unprivileged user to catalog and enumerate any number of IP addresses related to these account creations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31552"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-22T03:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly executed certain rules related to blocking accounts after account creation. Such rules would allow for user accounts to be created while blocking only the IP address used to create an account (and not the user account itself). Such rules could also be used by a nefarious, unprivileged user to catalog and enumerate any number of IP addresses related to these account creations.",
  "id": "GHSA-gq3q-wc77-8wxx",
  "modified": "2022-07-13T00:01:24Z",
  "published": "2022-05-24T17:48:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31552"
    },
    {
      "type": "WEB",
      "url": "https://gerrit.wikimedia.org/r/q/I8bae477ad7e4d0190335363ac2decf28e4313da1"
    },
    {
      "type": "WEB",
      "url": "https://phabricator.wikimedia.org/T152394"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GQ65-23CC-H5WP

Vulnerability from github – Published: 2023-09-27 15:30 – Updated: 2024-04-04 07:55
VLAI
Details

The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ("com.lge.lockscreensettings") app in the "com/lge/lockscreensettings/dynamicwallpaper/MyCategoryGuideActivity.java" file. The main problem is that the app launches implicit intents that can be intercepted by third-party apps installed on the same device. They also can return arbitrary data that will be passed to the "onActivityResult()" method. The LockScreenSettings app copies the received file to the "/data/shared/dw/mycategory/wallpaper_01.png" path and then changes the file access mode to world-readable and world-writable.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-44122"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668",
      "CWE-927"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-27T15:19:35Z",
    "severity": "HIGH"
  },
  "details": "The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings (\"com.lge.lockscreensettings\") app in the \"com/lge/lockscreensettings/dynamicwallpaper/MyCategoryGuideActivity.java\" file. The main problem is that the app launches implicit intents that can be intercepted by third-party apps installed on the same device. They also can return arbitrary data that will be passed to the \"onActivityResult()\" method. The LockScreenSettings app copies the received file to the \"/data/shared/dw/mycategory/wallpaper_01.png\" path and then changes the file access mode to world-readable and world-writable.",
  "id": "GHSA-gq65-23cc-h5wp",
  "modified": "2024-04-04T07:55:24Z",
  "published": "2023-09-27T15:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44122"
    },
    {
      "type": "WEB",
      "url": "https://lgsecurity.lge.com/bulletins/mobile#updateDetails"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GRFR-78M7-Q35Q

Vulnerability from github – Published: 2022-12-06 00:30 – Updated: 2024-03-27 15:30
VLAI
Details

When doing HTTP(S) transfers, libcurl might erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent POST request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-32221"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-05T22:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.",
  "id": "GHSA-grfr-78m7-q35q",
  "modified": "2024-03-27T15:30:36Z",
  "published": "2022-12-06T00:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32221"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1704017"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202212-01"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230110-0006"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230208-0002"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213604"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213605"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5330"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2023/Jan/19"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2023/Jan/20"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/05/17/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GRJG-25GC-44CM

Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03
VLAI
Details

CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-30190"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-25T13:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.",
  "id": "GHSA-grjg-25gc-44cm",
  "modified": "2022-05-24T19:03:13Z",
  "published": "2022-05-24T19:03:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30190"
    },
    {
      "type": "WEB",
      "url": "https://customers.codesys.com/index.php"
    },
    {
      "type": "WEB",
      "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GVHR-FQ94-Q7H9

Vulnerability from github – Published: 2022-12-22 21:30 – Updated: 2025-04-15 15:30
VLAI
Details

If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targetting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago. This vulnerability affects Thunderbird < 102.5.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-45414"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-22T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targetting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago. This vulnerability affects Thunderbird \u003c 102.5.1.",
  "id": "GHSA-gvhr-fq94-q7h9",
  "modified": "2025-04-15T15:30:36Z",
  "published": "2022-12-22T21:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45414"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1788096"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2022-50"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GVHX-V7VC-CM6C

Vulnerability from github – Published: 2022-05-24 19:14 – Updated: 2022-07-13 00:01
VLAI
Details

HashiCorp Terraform Enterprise up to v202108-1 contained an API endpoint that erroneously disclosed a sensitive URL to authenticated parties, which could be used for privilege escalation or unauthorized modification of a Terraform configuration. Fixed in v202109-1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-40862"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-15T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "HashiCorp Terraform Enterprise up to v202108-1 contained an API endpoint that erroneously disclosed a sensitive URL to authenticated parties, which could be used for privilege escalation or unauthorized modification of a Terraform configuration. Fixed in v202109-1.",
  "id": "GHSA-gvhx-v7vc-cm6c",
  "modified": "2022-07-13T00:01:40Z",
  "published": "2022-05-24T19:14:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40862"
    },
    {
      "type": "WEB",
      "url": "https://discuss.hashicorp.com/t/hcsec-2021-25-terraform-enterprise-configuration-versions-api-discloses-sensitive-url/29508"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GVR9-XCJW-7M25

Vulnerability from github – Published: 2022-05-20 00:00 – Updated: 2022-05-27 00:00
VLAI
Details

IBM Security Identity Governance and Intelligence 5.2.4, 5.2.5, and 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 192429.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-4970"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-19T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM Security Identity Governance and Intelligence 5.2.4, 5.2.5, and 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 192429.",
  "id": "GHSA-gvr9-xcjw-7m25",
  "modified": "2022-05-27T00:00:26Z",
  "published": "2022-05-20T00:00:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-4970"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/192429"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6587435"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.