Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1252 vulnerabilities reference this CWE, most recent first.

GHSA-HQ94-G33H-JJ2X

Vulnerability from github – Published: 2022-05-24 19:16 – Updated: 2022-10-27 19:00
VLAI
Details

Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-3709"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-01T03:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;",
  "id": "GHSA-hq94-g33h-jj2x",
  "modified": "2022-10-27T19:00:39Z",
  "published": "2022-05-24T19:16:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3709"
    },
    {
      "type": "WEB",
      "url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308"
    },
    {
      "type": "WEB",
      "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3709"
    },
    {
      "type": "WEB",
      "url": "https://ubuntu.com/security/notices/USN-5077-1"
    },
    {
      "type": "WEB",
      "url": "https://ubuntu.com/security/notices/USN-5077-2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HQF6-VVJ2-CJ4W

Vulnerability from github – Published: 2022-05-05 00:00 – Updated: 2022-05-14 00:03
VLAI
Details

An improper access control vulnerability [CWE-284] in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-41032"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-04T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An improper access control vulnerability [CWE-284] in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands.",
  "id": "GHSA-hqf6-vvj2-cj4w",
  "modified": "2022-05-14T00:03:36Z",
  "published": "2022-05-05T00:00:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41032"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.com/psirt/FG-IR-21-147"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HQP6-MJW3-F586

Vulnerability from github – Published: 2025-07-02 21:32 – Updated: 2025-07-05 01:47
VLAI
Summary
HashiCorp Vagrant has code injection vulnerability through default synced folders
Details

An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant versions 2.4.6 and below when using the default synced folder configuration. By design, Vagrant automatically mounts the host system’s project directory into the guest VM under /vagrant (or C:\vagrant on Windows). This includes the Vagrantfile configuration file, which is a Ruby script evaluated by the host every time a vagrant command is executed in the project directory. If a low-privileged attacker obtains shell access to the guest VM, they can append arbitrary Ruby code to the mounted Vagrantfile. When a user on the host later runs any vagrant command, the injected code is executed on the host with that user’s privileges.

While this shared-folder behavior is well-documented by Vagrant, the security implications of Vagrantfile execution from guest-writable storage are not explicitly addressed. This effectively enables guest-to-host code execution in multi-tenant or adversarial VM scenarios.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "vagrant"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.10"
            },
            {
              "fixed": "2.4.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-34075"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276",
      "CWE-668",
      "CWE-94"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-03T12:59:35Z",
    "nvd_published_at": "2025-07-02T20:15:29Z",
    "severity": "MODERATE"
  },
  "details": "An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant versions 2.4.6 and below when using the default synced folder configuration. By design, Vagrant automatically mounts the host system\u2019s project directory into the guest VM under /vagrant (or C:\\vagrant on Windows). This includes the Vagrantfile configuration file, which is a Ruby script evaluated by the host every time a vagrant command is executed in the project directory. If a low-privileged attacker obtains shell access to the guest VM, they can append arbitrary Ruby code to the mounted Vagrantfile. When a user on the host later runs any vagrant command, the injected code is executed on the host with that user\u2019s privileges.\n\nWhile this shared-folder behavior is well-documented by Vagrant, the security implications of Vagrantfile execution from guest-writable storage are not explicitly addressed. This effectively enables guest-to-host code execution in multi-tenant or adversarial VM scenarios.",
  "id": "GHSA-hqp6-mjw3-f586",
  "modified": "2025-07-05T01:47:56Z",
  "published": "2025-07-02T21:32:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-34075"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hashicorp/vagrant/issues/13688"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hashicorp/vagrant/commit/abe87b2fdc124ef426c016d44d2f6f4792f0cbe3"
    },
    {
      "type": "WEB",
      "url": "https://developer.hashicorp.com/vagrant"
    },
    {
      "type": "WEB",
      "url": "https://developer.hashicorp.com/vagrant/docs/synced-folders/basic_usage"
    },
    {
      "type": "WEB",
      "url": "https://developer.hashicorp.com/vagrant/docs/vagrantfile"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-hqp6-mjw3-f586"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/hashicorp/vagrant"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/vagrant/CVE-2025-34075.yml"
    },
    {
      "type": "WEB",
      "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/local/vagrant_synced_folder_vagrantfile_breakout.rb"
    },
    {
      "type": "WEB",
      "url": "https://vulncheck.com/advisories/hashicorp-vagrant-synced-folder-vagrantfile-breakout"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ],
  "summary": "HashiCorp Vagrant has code injection vulnerability through default synced folders"
}

GHSA-HVF8-H2QH-37M9

Vulnerability from github – Published: 2021-01-28 19:11 – Updated: 2025-05-27 15:20
VLAI
Summary
IPC messages delivered to the wrong frame in Electron
Details

Impact

IPC messages sent from the main process to a subframe in the renderer process, through webContents.sendToFrame, event.reply or when using the remote module, can in some cases be delivered to the wrong frame.

If your app does ANY of the following, then it is impacted by this issue: - Uses remote - Calls webContents.sendToFrame - Calls event.reply in an IPC message handler

Patches

This has been fixed in the following versions:

  • 9.4.0
  • 10.2.0
  • 11.1.0
  • 12.0.0-beta.9

Workarounds

There are no workarounds for this issue.

For more information

If you have any questions or comments about this advisory, email us at security@electronjs.org.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "electron"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "9.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "electron"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.0.0"
            },
            {
              "fixed": "10.2.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "electron"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0"
            },
            {
              "fixed": "11.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-26272"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-01-28T19:11:05Z",
    "nvd_published_at": "2021-01-28T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nIPC messages sent from the main process to a subframe in the renderer process, through `webContents.sendToFrame`, `event.reply` or when using the `remote` module, can in some cases be delivered to the wrong frame.\n\nIf your app does ANY of the following, then it is impacted by this issue:\n- Uses `remote`\n- Calls `webContents.sendToFrame`\n- Calls `event.reply` in an IPC message handler\n\n### Patches\nThis has been fixed in the following versions:\n\n- 9.4.0\n- 10.2.0\n- 11.1.0\n- 12.0.0-beta.9\n\n### Workarounds\nThere are no workarounds for this issue.\n\n### For more information\nIf you have any questions or comments about this advisory, email us at [security@electronjs.org](mailto:security@electronjs.org).",
  "id": "GHSA-hvf8-h2qh-37m9",
  "modified": "2025-05-27T15:20:19Z",
  "published": "2021-01-28T19:11:34Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/electron/electron/security/advisories/GHSA-hvf8-h2qh-37m9"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26272"
    },
    {
      "type": "WEB",
      "url": "https://github.com/electron/electron/pull/26875"
    },
    {
      "type": "WEB",
      "url": "https://github.com/electron/electron/commit/07a1c2a3e5845901f7e2eda9506695be58edc73c"
    },
    {
      "type": "WEB",
      "url": "https://github.com/electron/electron/commit/0bbd268eb4caf35604443df5ff196980dd49e208"
    },
    {
      "type": "WEB",
      "url": "https://github.com/electron/electron/commit/36c695ce2a7e22c07fe1e30c61c00d20371daee2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/electron/electron/commit/429400040ecb16a21d19936658579e65a797e4cc"
    },
    {
      "type": "WEB",
      "url": "https://github.com/electron/electron/commit/5c8e7e8b7f485ceafa8b271086d7b87e1de9dedd"
    },
    {
      "type": "WEB",
      "url": "https://github.com/electron/electron/releases/tag/v9.4.0"
    },
    {
      "type": "WEB",
      "url": "https://www.electronjs.org/releases/stable?version=9#9.4.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "IPC messages delivered to the wrong frame in Electron"
}

GHSA-HVGW-R2WX-XWH4

Vulnerability from github – Published: 2023-03-14 18:30 – Updated: 2023-03-14 18:30
VLAI
Details

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-24906"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-14T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability",
  "id": "GHSA-hvgw-r2wx-xwh4",
  "modified": "2023-03-14T18:30:21Z",
  "published": "2023-03-14T18:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24906"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24906"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HVJ5-X43R-QG3F

Vulnerability from github – Published: 2022-05-24 16:46 – Updated: 2022-05-24 16:46
VLAI
Details

A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-7846"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-22T20:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller.",
  "id": "GHSA-hvj5-x43r-qg3f",
  "modified": "2022-05-24T16:46:13Z",
  "published": "2022-05-24T16:46:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7846"
    },
    {
      "type": "WEB",
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0735"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-HVJM-QMP9-PW7F

Vulnerability from github – Published: 2022-03-24 00:00 – Updated: 2022-04-02 00:00
VLAI
Details

GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the communications guide. GE was made aware a “Last-key pressed” MODBUS register can be used to gain unauthorized information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-27424"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-23T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the communications guide. GE was made aware a \u201cLast-key pressed\u201d MODBUS register can be used to gain unauthorized information.",
  "id": "GHSA-hvjm-qmp9-pw7f",
  "modified": "2022-04-02T00:00:32Z",
  "published": "2022-03-24T00:00:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27424"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-075-02"
    },
    {
      "type": "WEB",
      "url": "https://www.gegridsolutions.com/Passport/Login.aspx"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HW3V-VXGM-36RP

Vulnerability from github – Published: 2023-02-27 21:30 – Updated: 2023-03-09 00:30
VLAI
Details

The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory..

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-23501"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-27T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory..",
  "id": "GHSA-hw3v-vxgm-36rp",
  "modified": "2023-03-09T00:30:18Z",
  "published": "2023-02-27T21:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23501"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213605"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HWQR-F3V9-HWXR

Vulnerability from github – Published: 2022-07-15 21:56 – Updated: 2026-02-03 17:37
VLAI
Summary
Workers for local Dask clusters mistakenly listened on public interfaces
Details

Versions of distributed earlier than 2021.10.0 had a potential security vulnerability relating to single-machine Dask clusters.

Clusters started with dask.distributed.LocalCluster or dask.distributed.Client() (which defaults to using LocalCluster) would mistakenly configure their respective Dask workers to listen on external interfaces (typically with a randomly selected high port) rather than only on localhost. A Dask cluster created using this method AND running on a machine that has these ports exposed could be used by a sophisticated attacker to enable remote code execution. Users running on machines with standard firewalls in place, or using clusters created via cluster objects other than LocalCluster (e.g. dask_kubernetes.KubeCluster) should not be affected. This vulnerability is documented in CVE-2021-42343, and was fixed in version 2021.10.0 (PR #5427).

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "distributed"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2021.10.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-42343"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-07-15T21:56:08Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "Versions of `distributed` earlier than `2021.10.0` had a potential security vulnerability relating to single-machine Dask clusters.\n\nClusters started with `dask.distributed.LocalCluster` or `dask.distributed.Client()` (which defaults to using `LocalCluster`) would mistakenly configure their respective Dask workers to listen on external interfaces (typically with a randomly selected high port) rather than only on `localhost`. A Dask cluster created using this method AND running on a machine that has these ports exposed could be used by a sophisticated attacker to enable remote code execution. Users running on machines with standard firewalls in place, or using clusters created via cluster objects other than `LocalCluster` (e.g. `dask_kubernetes.KubeCluster`) should not be affected. This vulnerability is documented in CVE-2021-42343, and was fixed in version `2021.10.0` (PR #5427).",
  "id": "GHSA-hwqr-f3v9-hwxr",
  "modified": "2026-02-03T17:37:34Z",
  "published": "2022-07-15T21:56:08Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/dask/distributed/security/advisories/GHSA-hwqr-f3v9-hwxr"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42343"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dask/distributed/pull/5427"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dask/distributed/commit/afce4be8e05fb180e50a9d9e38465f1a82295e1b"
    },
    {
      "type": "WEB",
      "url": "https://docs.dask.org/en/latest/changelog.html"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dask/dask/tags"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/dask/distributed"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/distributed/PYSEC-2021-871.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/distributed/PYSEC-2021-872.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Workers for local Dask clusters mistakenly listened on public interfaces"
}

GHSA-HX75-3JR9-944M

Vulnerability from github – Published: 2022-11-30 15:30 – Updated: 2026-02-23 09:31
VLAI
Details

Error in parser function in M-Files Server versions before 22.6.11534.1 and before 22.6.11505.0 allowed unauthenticated access to some information of the underlying operating system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-1911"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-30T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Error in parser function in M-Files Server versions before 22.6.11534.1 and before 22.6.11505.0 allowed unauthenticated access to some information of the underlying operating system.",
  "id": "GHSA-hx75-3jr9-944m",
  "modified": "2026-02-23T09:31:17Z",
  "published": "2022-11-30T15:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1911"
    },
    {
      "type": "WEB",
      "url": "https://empower.m-files.com/security-advisories/CVE-2022-1911"
    },
    {
      "type": "WEB",
      "url": "https://product.m-files.com/security-advisories/cve-2022-1911"
    },
    {
      "type": "WEB",
      "url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2022-1911"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.