Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1251 vulnerabilities reference this CWE, most recent first.

GHSA-MXF6-VR56-W9CH

Vulnerability from github – Published: 2022-06-08 00:00 – Updated: 2022-06-12 00:00
VLAI
Details

Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-30734"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-07T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.",
  "id": "GHSA-mxf6-vr56-w9ch",
  "modified": "2022-06-12T00:00:46Z",
  "published": "2022-06-08T00:00:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30734"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MXGC-GQ8G-45HM

Vulnerability from github – Published: 2022-07-14 00:00 – Updated: 2022-07-22 00:00
VLAI
Details

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-34765"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668",
      "CWE-73"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-13T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)",
  "id": "GHSA-mxgc-gq8g-45hm",
  "modified": "2022-07-22T00:00:32Z",
  "published": "2022-07-14T00:00:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34765"
    },
    {
      "type": "WEB",
      "url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules+_Security_Notification.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MXHP-79QH-MCX6

Vulnerability from github – Published: 2020-02-19 16:43 – Updated: 2023-01-30 19:22
VLAI
Summary
TaffyDB can allow access to any data items in the DB
Details

TaffyDB allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. Taffy sets an internal index for each data item in its DB. However, it is found that the internal index can be forged by adding additional properties into user-input. If index is found in the query, TaffyDB will ignore other query conditions and directly return the indexed data item. Moreover, the internal index is in an easily-guessable format (e.g., T000002R000001). As such, attackers can use this vulnerability to access any data items in the DB. Note: taffy and its successor package taffydb are not maintained.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "taffy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "2.6.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "taffydb"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "2.7.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-10790"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-02-18T20:15:03Z",
    "nvd_published_at": "2020-02-17T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "TaffyDB allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. Taffy sets an internal index for each data item in its DB. However, it is found that the internal index can be forged by adding additional properties into user-input. If index is found in the query, TaffyDB will ignore other query conditions and directly return the indexed data item. Moreover, the internal index is in an easily-guessable format (e.g., T000002R000001). As such, attackers can use this vulnerability to access any data items in the DB. **Note:** `taffy` and its successor package `taffydb` are not maintained.",
  "id": "GHSA-mxhp-79qh-mcx6",
  "modified": "2023-01-30T19:22:17Z",
  "published": "2020-02-19T16:43:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10790"
    },
    {
      "type": "WEB",
      "url": "https://snyk.io/vuln/SNYK-JS-TAFFY-546521"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/package/taffy"
    },
    {
      "type": "PACKAGE",
      "url": "https://www.npmjs.com/package/taffydb"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "TaffyDB can allow access to any data items in the DB"
}

GHSA-MXR2-4H82-C6C3

Vulnerability from github – Published: 2022-04-14 00:00 – Updated: 2022-04-22 00:01
VLAI
Details

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting victims.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22961"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-13T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting victims.",
  "id": "GHSA-mxr2-4h82-c6c3",
  "modified": "2022-04-22T00:01:06Z",
  "published": "2022-04-14T00:00:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22961"
    },
    {
      "type": "WEB",
      "url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MXVV-V7W8-J88H

Vulnerability from github – Published: 2022-05-13 00:00 – Updated: 2023-06-30 21:30
VLAI
Details

The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-27770"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-472",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-12T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "The vulnerability was discovered within the \u201cFaviconService\u201d. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the \u201cmeetings\u201d-function where users can specify an external URL where the online meeting will take place.",
  "id": "GHSA-mxvv-v7w8-j88h",
  "modified": "2023-06-30T21:30:19Z",
  "published": "2022-05-13T00:00:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27770"
    },
    {
      "type": "WEB",
      "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0097430"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-MXW9-F7FP-9CCR

Vulnerability from github – Published: 2022-05-24 17:14 – Updated: 2022-10-07 18:16
VLAI
Details

Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-6442"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-04-13T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
  "id": "GHSA-mxw9-f7fp-9ccr",
  "modified": "2022-10-07T18:16:16Z",
  "published": "2022-05-24T17:14:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6442"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1013906"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4714"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P225-PC2X-4JPM

Vulnerability from github – Published: 2022-02-09 00:58 – Updated: 2021-04-01 19:38
VLAI
Summary
Incorrect Authorization in keycloak
Details

A flaw was found in keycloak before version 13.0.0. In some scenarios a user still has access to a resource after changing the role mappings in Keycloak and after expiration of the previous access token.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.keycloak:keycloak-parent"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "13.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-1725"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668",
      "CWE-863"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-01T19:38:17Z",
    "nvd_published_at": "2021-01-28T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in keycloak before version 13.0.0. In some scenarios a user still has access to a resource after changing the role mappings in Keycloak and after expiration of the previous access token.",
  "id": "GHSA-p225-pc2x-4jpm",
  "modified": "2021-04-01T19:38:17Z",
  "published": "2022-02-09T00:58:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1725"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1765129"
    },
    {
      "type": "WEB",
      "url": "https://issues.redhat.com/browse/KEYCLOAK-16550"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Incorrect Authorization in keycloak"
}

GHSA-P2HP-3WV3-4W74

Vulnerability from github – Published: 2023-02-24 21:30 – Updated: 2023-03-08 17:22
VLAI
Summary
ecdh vulnerable to Exposure of Resource to Wrong Sphere
Details

In Development IL ecdh before 0.2.0, an attacker can send an invalid point (not on the curve) as the public key, and obtain the derived shared secret.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "ecdh"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.2.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-44310"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-03-08T17:22:31Z",
    "nvd_published_at": "2023-02-24T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "In Development IL ecdh before 0.2.0, an attacker can send an invalid point (not on the curve) as the public key, and obtain the derived shared secret.",
  "id": "GHSA-p2hp-3wv3-4w74",
  "modified": "2023-03-08T17:22:31Z",
  "published": "2023-02-24T21:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-44310"
    },
    {
      "type": "WEB",
      "url": "https://github.com/developmentil/ecdh/issues/3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/developmentil/ecdh/pull/4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/developmentil/ecdh/commit/ef4560e7233f4e8107a17a77bc540121599c78fa"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/developmentil/ecdh"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "ecdh vulnerable to Exposure of Resource to Wrong Sphere"
}

GHSA-P3JW-7F7J-XP7W

Vulnerability from github – Published: 2022-04-06 00:01 – Updated: 2022-04-12 00:00
VLAI
Details

Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-0806"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-05T01:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.",
  "id": "GHSA-p3jw-7f7j-xp7w",
  "modified": "2022-04-12T00:00:46Z",
  "published": "2022-04-06T00:01:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0806"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1283434"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202208-25"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P45J-V622-3WJ9

Vulnerability from github – Published: 2022-07-24 00:00 – Updated: 2022-07-28 00:00
VLAI
Details

Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-1138"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-23T00:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page.",
  "id": "GHSA-p45j-v622-3wj9",
  "modified": "2022-07-28T00:00:48Z",
  "published": "2022-07-24T00:00:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1138"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1246188"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202208-25"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.