CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1251 vulnerabilities reference this CWE, most recent first.
GHSA-VM9V-45VG-Q73F
Vulnerability from github – Published: 2023-03-08 21:30 – Updated: 2025-03-04 21:30There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
{
"affected": [],
"aliases": [
"CVE-2023-22892"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-08T21:15:00Z",
"severity": "HIGH"
},
"details": "There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.",
"id": "GHSA-vm9v-45vg-q73f",
"modified": "2025-03-04T21:30:52Z",
"published": "2023-03-08T21:30:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22892"
},
{
"type": "WEB",
"url": "https://smartbear.com/security/cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VP8W-34R2-97R4
Vulnerability from github – Published: 2022-09-29 00:00 – Updated: 2022-09-29 00:00IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. IBM X-Force ID: 232791.
{
"affected": [],
"aliases": [
"CVE-2022-36771"
],
"database_specific": {
"cwe_ids": [
"CWE-284",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-28T16:15:00Z",
"severity": "MODERATE"
},
"details": "IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. IBM X-Force ID: 232791.",
"id": "GHSA-vp8w-34r2-97r4",
"modified": "2022-09-29T00:00:22Z",
"published": "2022-09-29T00:00:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36771"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/232791"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6824197"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VP9J-RGHQ-8JHH
Vulnerability from github – Published: 2022-02-09 21:59 – Updated: 2024-11-18 16:26An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible insecure temporary directory when running become_user from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9.9 as well as previous versions are affected and Ansible Tower 3.4.5, 3.5.6 and 3.6.4 as well as previous versions are affected.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "ansible"
},
"ranges": [
{
"events": [
{
"introduced": "2.10.0a1"
},
{
"fixed": "2.10.0rc1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "ansible"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.9.12"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-10744"
],
"database_specific": {
"cwe_ids": [
"CWE-362",
"CWE-377",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2021-04-05T13:49:09Z",
"nvd_published_at": "2020-05-15T14:15:00Z",
"severity": "LOW"
},
"details": "An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible insecure temporary directory when running become_user from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9.9 as well as previous versions are affected and Ansible Tower 3.4.5, 3.5.6 and 3.6.4 as well as previous versions are affected.",
"id": "GHSA-vp9j-rghq-8jhh",
"modified": "2024-11-18T16:26:11Z",
"published": "2022-02-09T21:59:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10744"
},
{
"type": "WEB",
"url": "https://github.com/ansible/ansible/issues/69782"
},
{
"type": "WEB",
"url": "https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d"
},
{
"type": "WEB",
"url": "https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f"
},
{
"type": "WEB",
"url": "https://github.com/ansible/ansible/commit/ffd3757fc35468a97791e452e7f2d14c3e3fcb80"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-vp9j-rghq-8jhh"
},
{
"type": "PACKAGE",
"url": "https://github.com/ansible/ansible"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-208.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
"type": "CVSS_V4"
}
],
"summary": "Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible"
}
GHSA-VPW5-GRXX-V396
Vulnerability from github – Published: 2021-09-02 17:16 – Updated: 2022-07-13 18:55When using the CsrfTokenViewHelper the extension discloses the user's session identifier to HTML output without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance Cross Site Scripting in the frontend output.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "lms/routes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.1.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-36793"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-30T17:23:15Z",
"nvd_published_at": "2021-08-13T17:15:00Z",
"severity": "MODERATE"
},
"details": "When using the CsrfTokenViewHelper the extension discloses the user\u0027s session identifier to HTML output without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance Cross Site Scripting in the frontend output.",
"id": "GHSA-vpw5-grxx-v396",
"modified": "2022-07-13T18:55:15Z",
"published": "2021-09-02T17:16:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36793"
},
{
"type": "PACKAGE",
"url": "https://github.com/Lacr1ma/routes"
},
{
"type": "WEB",
"url": "https://typo3.org/security/advisory/typo3-ext-sa-2021-008"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C",
"type": "CVSS_V3"
}
],
"summary": "CSRF token exposure in TYPO3 extension"
}
GHSA-VQ22-4G75-MF6J
Vulnerability from github – Published: 2021-12-27 00:01 – Updated: 2023-08-08 15:31Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.
{
"affected": [],
"aliases": [
"CVE-2021-45494"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-26T01:15:00Z",
"severity": "MODERATE"
},
"details": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.",
"id": "GHSA-vq22-4g75-mf6j",
"modified": "2023-08-08T15:31:27Z",
"published": "2021-12-27T00:01:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45494"
},
{
"type": "WEB",
"url": "https://kb.netgear.com/000064160/Security-Advisory-for-Arbitrary-File-Read-on-Some-WiFi-Systems-PSV-2021-0044"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VQ4R-F49J-6CH9
Vulnerability from github – Published: 2022-12-08 18:30 – Updated: 2022-12-12 18:30Teleport v3.2.2, Teleport v3.5.6-rc6, and Teleport v3.6.3-b2 was discovered to contain an information leak via the /user/get-role-list web interface.
{
"affected": [],
"aliases": [
"CVE-2022-38599"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-08T17:15:00Z",
"severity": "MODERATE"
},
"details": "Teleport v3.2.2, Teleport v3.5.6-rc6, and Teleport v3.6.3-b2 was discovered to contain an information leak via the /user/get-role-list web interface.",
"id": "GHSA-vq4r-f49j-6ch9",
"modified": "2022-12-12T18:30:29Z",
"published": "2022-12-08T18:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38599"
},
{
"type": "WEB",
"url": "https://gist.github.com/arleyna/20d858e11c48984d00926fa8cc0c2722"
},
{
"type": "WEB",
"url": "http://teleport.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VQ4R-MMWV-GR7W
Vulnerability from github – Published: 2022-09-02 00:01 – Updated: 2022-09-08 00:00IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a local attacker to obtain information due to the autocomplete feature on password input fields. IBM X-Force ID: 214345.
{
"affected": [],
"aliases": [
"CVE-2021-39045"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-01T19:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a local attacker to obtain information due to the autocomplete feature on password input fields. IBM X-Force ID: 214345.",
"id": "GHSA-vq4r-mmwv-gr7w",
"modified": "2022-09-08T00:00:33Z",
"published": "2022-09-02T00:01:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39045"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214345"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20221014-0005"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6615285"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VQJ2-4V8M-8VRQ
Vulnerability from github – Published: 2022-02-24 00:00 – Updated: 2024-09-30 20:52mlflow prior to 1.23.1 contains an insecure temporary file. The insecure function tempfile.mktemp() is deprecated and mkstemp() should be used instead.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "mlflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.23.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-0736"
],
"database_specific": {
"cwe_ids": [
"CWE-377",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2022-02-24T21:42:26Z",
"nvd_published_at": "2022-02-23T09:15:00Z",
"severity": "HIGH"
},
"details": "mlflow prior to 1.23.1 contains an insecure temporary file. The insecure function `tempfile.mktemp()` is deprecated and `mkstemp()` should be used instead.",
"id": "GHSA-vqj2-4v8m-8vrq",
"modified": "2024-09-30T20:52:09Z",
"published": "2022-02-24T00:00:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0736"
},
{
"type": "WEB",
"url": "https://github.com/mlflow/mlflow/commit/61984e6843d2e59235d82a580c529920cd8f3711"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-vqj2-4v8m-8vrq"
},
{
"type": "PACKAGE",
"url": "https://github.com/mlflow/mlflow"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/mlflow/PYSEC-2022-28.yaml"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/e5384764-c583-4dec-a1d8-4697f4e12f75"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Insecure Temporary File in mlflow"
}
GHSA-VRQ4-9HC3-CGP7
Vulnerability from github – Published: 2025-04-12 03:42 – Updated: 2025-04-15 12:49Summary
jupyter-remote-desktop-proxy was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by jupyter-remote-desktop-proxy were still accessible via the network.
This vulnerability does not affect users having TurboVNC as the vncserver executable.
Credits
This vulnerability was identified by Arne Gottwald at University of Göttingen and analyzed, reported, and reviewed by @frejanordsiek.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "jupyter-remote-desktop-proxy"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.0.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.0"
]
}
],
"aliases": [
"CVE-2025-32428"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2025-04-12T03:42:31Z",
"nvd_published_at": "2025-04-15T00:15:14Z",
"severity": "CRITICAL"
},
"details": "## Summary\n\n`jupyter-remote-desktop-proxy` was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by `jupyter-remote-desktop-proxy` were still accessible via the network.\n\nThis vulnerability does not affect users having TurboVNC as the `vncserver` executable.\n\n## Credits\n\nThis vulnerability was identified by Arne Gottwald at University of G\u00f6ttingen and analyzed, reported, and reviewed by @frejanordsiek.",
"id": "GHSA-vrq4-9hc3-cgp7",
"modified": "2025-04-15T12:49:04Z",
"published": "2025-04-12T03:42:31Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/jupyterhub/jupyter-remote-desktop-proxy/security/advisories/GHSA-vrq4-9hc3-cgp7"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32428"
},
{
"type": "WEB",
"url": "https://github.com/jupyterhub/jupyter-remote-desktop-proxy/commit/7dd54c25a4253badd8ea68895437e5a66a59090d"
},
{
"type": "PACKAGE",
"url": "https://github.com/jupyterhub/jupyter-remote-desktop-proxy"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"type": "CVSS_V4"
}
],
"summary": "TigerVNC accessible via the network and not just via a UNIX socket as intended"
}
GHSA-VVP7-R422-RX83
Vulnerability from github – Published: 2023-04-12 20:40 – Updated: 2023-04-16 07:18Impact
It's possible to list some users who are normally not viewable from subwiki by requesting users on a subwiki which allows only global users with uorgsuggest.vm. This issue only concerns hidden users from main wiki.
Note that the disclosed information are the username and the first and last name of users, no other information is leaked.
Patches
The problem has been patched on XWiki 13.10.8, 14.4.3 and 14.7RC1.
Workarounds
It's possible to workaround this vulnerability by patching directly uorgsuggest.vm to apply the same changes as in https://github.com/xwiki/xwiki-platform/pull/1883.
References
- JIRA ticket: https://jira.xwiki.org/browse/XWIKI-20007
- this vulnerability is actually a remaining of https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-97jg-43c9-q6pf which wasn't entirely fixed back then
For more information
If you have any questions or comments about this advisory: * Open an issue in Jira * Email us at security ML
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-web-templates"
},
"ranges": [
{
"events": [
{
"introduced": "13.9-rc-1"
},
{
"fixed": "13.10.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-web-templates"
},
"ranges": [
{
"events": [
{
"introduced": "14.0-rc-1"
},
{
"fixed": "14.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.xwiki.platform:xwiki-platform-web-templates"
},
"ranges": [
{
"events": [
{
"introduced": "14.5"
},
{
"fixed": "14.7-rc-1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-29203"
],
"database_specific": {
"cwe_ids": [
"CWE-359",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2023-04-12T20:40:00Z",
"nvd_published_at": "2023-04-15T16:15:00Z",
"severity": "LOW"
},
"details": "### Impact\n\nIt\u0027s possible to list some users who are normally not viewable from subwiki by requesting users on a subwiki which allows only global users with `uorgsuggest.vm`. This issue only concerns hidden users from main wiki.\nNote that the disclosed information are the username and the first and last name of users, no other information is leaked. \n\n### Patches\n\nThe problem has been patched on XWiki 13.10.8, 14.4.3 and 14.7RC1.\n\n### Workarounds\n\nIt\u0027s possible to workaround this vulnerability by patching directly `uorgsuggest.vm ` to apply the same changes as in https://github.com/xwiki/xwiki-platform/pull/1883.\n\n### References\n\n * JIRA ticket: https://jira.xwiki.org/browse/XWIKI-20007\n * this vulnerability is actually a remaining of https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-97jg-43c9-q6pf which wasn\u0027t entirely fixed back then\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Open an issue in [Jira](https://jira.xwiki.org)\n* Email us at [security ML](mailto:security@xwiki.org)\n",
"id": "GHSA-vvp7-r422-rx83",
"modified": "2023-04-16T07:18:33Z",
"published": "2023-04-12T20:40:00Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-97jg-43c9-q6pf"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-vvp7-r422-rx83"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29203"
},
{
"type": "WEB",
"url": "https://github.com/xwiki/xwiki-platform/pull/1883"
},
{
"type": "PACKAGE",
"url": "https://github.com/xwiki/xwiki-platform"
},
{
"type": "WEB",
"url": "https://jira.xwiki.org/browse/XWIKI-20007"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Unauthenticated user can have information about hidden users on subwikis through uorgsuggest.vm "
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.