CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1252 vulnerabilities reference this CWE, most recent first.
GHSA-JQXF-H2CG-895Q
Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-07-13 00:01Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2021-37965"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-08T22:15:00Z",
"severity": "MODERATE"
},
"details": "Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"id": "GHSA-jqxf-h2cg-895q",
"modified": "2022-07-13T00:01:34Z",
"published": "2022-05-24T19:17:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37965"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1239709"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5046"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JR3X-5J37-8776
Vulnerability from github – Published: 2022-05-13 01:50 – Updated: 2022-05-13 01:50The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 (the highest privilege level in ARMv8) memory/register via inter-processor debugging. With a debug host processor A running in non-secure EL1 and a debug target processor B running in any privilege level, the debugging feature allows A to halt B and promote B to any privilege level. As a debug host, A has full control of B even if B owns a higher privilege level than A. Accordingly, A can read/write any EL3 memory/register via B. Also, with this memory access, A can execute arbitrary code in EL3.
{
"affected": [],
"aliases": [
"CVE-2018-18068"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-04T20:29:00Z",
"severity": "CRITICAL"
},
"details": "The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 (the highest privilege level in ARMv8) memory/register via inter-processor debugging. With a debug host processor A running in non-secure EL1 and a debug target processor B running in any privilege level, the debugging feature allows A to halt B and promote B to any privilege level. As a debug host, A has full control of B even if B owns a higher privilege level than A. Accordingly, A can read/write any EL3 memory/register via B. Also, with this memory access, A can execute arbitrary code in EL3.",
"id": "GHSA-jr3x-5j37-8776",
"modified": "2022-05-13T01:50:36Z",
"published": "2022-05-13T01:50:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18068"
},
{
"type": "WEB",
"url": "https://www.computer.org/csdl/proceedings-article/sp/2019/666000b157/17D45WHONhv"
},
{
"type": "WEB",
"url": "http://www.cs.wayne.edu/fengwei/paper/nailgun-sp19.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-JRFH-W785-MGXC
Vulnerability from github – Published: 2022-07-29 00:00 – Updated: 2026-06-02 15:31Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2022-2160"
],
"database_specific": {
"cwe_ids": [
"CWE-362",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-28T01:15:00Z",
"severity": "MODERATE"
},
"details": "Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user\u0027s local files via a crafted HTML page.",
"id": "GHSA-jrfh-w785-mgxc",
"modified": "2026-06-02T15:31:48Z",
"published": "2022-07-29T00:00:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2160"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1116450"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H2C4XOJVIILDXTOSMWJXHSQNEXFWSOD7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H2C4XOJVIILDXTOSMWJXHSQNEXFWSOD7"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-25"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JV9C-W74Q-6762
Vulnerability from github – Published: 2021-05-24 16:56 – Updated: 2021-05-24 16:53Impact
Insecure permissions on temporary directories used in explicit and implicit container build operations.
When a Singularity command that results in a container build operation is executed, it is possible for a user with access to the system to read the contents of the image during the build. Additionally, if the image contains a world-writable file or directory, it is possible for a user to inject arbitrary content into the running build, which in certain circumstances may enable arbitrary code execution during the build and/or when the built container is run.
Patches
This issue is addressed in Singularity 3.6.3.
All users are advised to upgrade to 3.6.3.
Workarounds
The issue is mitigated if TMPDIR is set to a location that is only accessible to the user, as any subdirectories directly under TMPDIR cannot then be accessed by others. However, this is difficult to enforce so it is not recommended to rely on this as a mitigation.
For more information
General questions about the impact of the advisory / changes made in the 3.6.0 release can be asked in the:
Any sensitive security concerns should be directed to: security@sylabs.io
See our Security Policy here: https://sylabs.io/security-policy
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/sylabs/singularity"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-25040"
],
"database_specific": {
"cwe_ids": [
"CWE-668",
"CWE-732"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-24T16:53:16Z",
"nvd_published_at": "2020-09-16T18:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\n\nInsecure permissions on temporary directories used in explicit and implicit container build operations.\n\nWhen a Singularity command that results in a container build operation is executed, it is possible for a user with access to the system to read the contents of the image during the build. Additionally, if the image contains a world-writable file or directory, it is possible for a user to inject arbitrary content into the running build, which in certain circumstances may enable arbitrary code execution during the build and/or when the built container is run.\n\n### Patches\n\nThis issue is addressed in Singularity 3.6.3.\n\nAll users are advised to upgrade to 3.6.3.\n\n### Workarounds\n\nThe issue is mitigated if `TMPDIR` is set to a location that is only accessible to the user, as any subdirectories directly under `TMPDIR` cannot then be accessed by others. However, this is difficult to enforce so it is not recommended to rely on this as a mitigation.\n\n### For more information\n\nGeneral questions about the impact of the advisory / changes made in the 3.6.0 release can be asked in the:\n\n* [Singularity Slack Channel](https://bit.ly/2m0g3lX)\n* [Singularity Mailing List](https://groups.google.com/a/lbl.gov/forum/??sdf%7Csort:date#!forum/singularity)\n\nAny sensitive security concerns should be directed to: security@sylabs.io\n\nSee our Security Policy here: https://sylabs.io/security-policy",
"id": "GHSA-jv9c-w74q-6762",
"modified": "2021-05-24T16:53:16Z",
"published": "2021-05-24T16:56:23Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/hpcng/singularity/security/advisories/GHSA-jv9c-w74q-6762"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25040"
},
{
"type": "WEB",
"url": "https://medium.com/sylabs"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00070.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00088.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Insecure permissions on build temporary rootfs in Singularity"
}
GHSA-JVMR-RMRP-WG9C
Vulnerability from github – Published: 2022-06-15 00:00 – Updated: 2022-06-23 00:00A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function.
{
"affected": [],
"aliases": [
"CVE-2022-31309"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-14T14:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function.",
"id": "GHSA-jvmr-rmrp-wg9c",
"modified": "2022-06-23T00:00:23Z",
"published": "2022-06-15T00:00:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31309"
},
{
"type": "WEB",
"url": "https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20AC1200_check_live.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JW79-3RH8-V6JV
Vulnerability from github – Published: 2023-07-10 18:30 – Updated: 2026-06-01 15:30Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests.
{
"affected": [],
"aliases": [
"CVE-2023-35696"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-10T16:15:52Z",
"severity": "HIGH"
},
"details": "Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated\nremote attacker to retrieve sensitive information about the device via HTTP requests.",
"id": "GHSA-jw79-3rh8-v6jv",
"modified": "2026-06-01T15:30:31Z",
"published": "2023-07-10T18:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35696"
},
{
"type": "WEB",
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
},
{
"type": "WEB",
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
},
{
"type": "WEB",
"url": "https://sick.com/psirt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JW9H-CFWW-J6FJ
Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11OneNav 0.9.12 allows Information Disclosure of the onenav.db3 contents. NOTE: the vendor's recommended solution is to block the access via an NGINX configuration file.
{
"affected": [],
"aliases": [
"CVE-2021-38712"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-16T04:15:00Z",
"severity": "HIGH"
},
"details": "OneNav 0.9.12 allows Information Disclosure of the onenav.db3 contents. NOTE: the vendor\u0027s recommended solution is to block the access via an NGINX configuration file.",
"id": "GHSA-jw9h-cfww-j6fj",
"modified": "2022-05-24T19:11:19Z",
"published": "2022-05-24T19:11:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38712"
},
{
"type": "WEB",
"url": "https://github.com/helloxz/onenav/issues/25"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-JWG4-JH25-FXCC
Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-07-13 00:01InBody App for iOS versions prior to 2.3.30 and InBody App for Android versions prior to 2.2.90(510) contain a vulnerability which may lead to information disclosure only when it works with the body composition analyzer InBody Dial. This may allow an attacker who can connect to the InBody Dial with InBody App may obtain a victim's measurement result measured by InBody Dial.
{
"affected": [],
"aliases": [
"CVE-2021-20832"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-13T09:15:00Z",
"severity": "MODERATE"
},
"details": "InBody App for iOS versions prior to 2.3.30 and InBody App for Android versions prior to 2.2.90(510) contain a vulnerability which may lead to information disclosure only when it works with the body composition analyzer InBody Dial. This may allow an attacker who can connect to the InBody Dial with InBody App may obtain a victim\u0027s measurement result measured by InBody Dial.",
"id": "GHSA-jwg4-jh25-fxcc",
"modified": "2022-07-13T00:01:06Z",
"published": "2022-05-24T19:17:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20832"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/jp/JVN63023305/index.html"
},
{
"type": "WEB",
"url": "https://www.inbody.co.jp/inbody-news/?uid=55\u0026mod=document\u0026pageid=1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JWMW-9MQH-RXG7
Vulnerability from github – Published: 2022-03-17 00:00 – Updated: 2022-03-24 00:00In __show_regs of process.c, there is a possible leak of kernel memory and addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-178379135References: Upstream kernel
{
"affected": [],
"aliases": [
"CVE-2021-39715"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-16T15:15:00Z",
"severity": "MODERATE"
},
"details": "In __show_regs of process.c, there is a possible leak of kernel memory and addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-178379135References: Upstream kernel",
"id": "GHSA-jwmw-9mqh-rxg7",
"modified": "2022-03-24T00:00:36Z",
"published": "2022-03-17T00:00:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39715"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2022-03-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JXCC-G75X-QGW9
Vulnerability from github – Published: 2021-06-08 18:47 – Updated: 2023-09-07 20:15This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "calipso"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.3.54"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-23391"
],
"database_specific": {
"cwe_ids": [
"CWE-29",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2021-06-08T16:15:33Z",
"nvd_published_at": "2021-06-07T21:15:00Z",
"severity": "HIGH"
},
"details": "This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.",
"id": "GHSA-jxcc-g75x-qgw9",
"modified": "2023-09-07T20:15:39Z",
"published": "2021-06-08T18:47:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23391"
},
{
"type": "WEB",
"url": "https://github.com/cliftonc/calipso"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JS-CALIPSO-1300555"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "Calipso Arbitrary File Write via Archive Extraction (Zip Slip)"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.