Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1251 vulnerabilities reference this CWE, most recent first.

GHSA-24WW-MC5X-XC43

Vulnerability from github – Published: 2021-05-07 15:54 – Updated: 2021-05-05 19:22
VLAI
Summary
Man-in-the-middle attack in Apache Cassandra
Details

In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorised operations. Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables this issue to be exploited remotely.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.cassandra:cassandra-all"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.1.0"
            },
            {
              "fixed": "2.1.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.cassandra:cassandra-all"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.18"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.cassandra:cassandra-all"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.0.22"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.cassandra:cassandra-all"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.11.0"
            },
            {
              "fixed": "3.11.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.cassandra:cassandra-all"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0-beta1"
            },
            {
              "fixed": "4.0-beta2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.0-beta1"
      ]
    }
  ],
  "aliases": [
    "CVE-2020-13946"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-05T19:22:12Z",
    "nvd_published_at": "2020-09-01T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorised operations. Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables this issue to be exploited remotely.",
  "id": "GHSA-24ww-mc5x-xc43",
  "modified": "2021-05-05T19:22:12Z",
  "published": "2021-05-07T15:54:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13946"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r1fd117082b992e7d43c1286e966c285f98aa362e685695d999ff42f7@%3Cuser.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r718e01f61b35409a4f7a3ccbc1cb5136a1558a9f9c2cb8d4ca9be1ce@%3Cuser.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rab8d90d28f944d84e4d7852f355a25c89451ae02c2decc4d355a9cfc@%3Cuser.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cuser.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210521-0005"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Man-in-the-middle attack in Apache Cassandra"
}

GHSA-254C-2J77-4HHM

Vulnerability from github – Published: 2022-07-01 00:01 – Updated: 2022-07-09 00:00
VLAI
Details

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks. IBM X-Force ID: 226940.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22494"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-30T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks. IBM X-Force ID: 226940.",
  "id": "GHSA-254c-2j77-4hhm",
  "modified": "2022-07-09T00:00:25Z",
  "published": "2022-07-01T00:01:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22494"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226940"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6596883"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-258J-HJX4-W4M2

Vulnerability from github – Published: 2022-05-21 00:01 – Updated: 2022-06-01 00:00
VLAI
Details

Multi Store Inventory Management System v1.0 was discovered to contain an information disclosure vulnerability which allows attackers to access sensitive files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-28991"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-20T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "Multi Store Inventory Management System v1.0 was discovered to contain an information disclosure vulnerability which allows attackers to access sensitive files.",
  "id": "GHSA-258j-hjx4-w4m2",
  "modified": "2022-06-01T00:00:33Z",
  "published": "2022-05-21T00:01:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28991"
    },
    {
      "type": "WEB",
      "url": "https://packetstormsecurity.com/files/166590/Multi-Store-Inventory-Management-System-1.0-Information-Disclosure.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-25GJ-GFHX-XWGH

Vulnerability from github – Published: 2023-11-02 18:30 – Updated: 2023-11-02 18:30
VLAI
Details

A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-4217"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1004",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-02T17:15:11Z",
    "severity": "LOW"
  },
  "details": "A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.\n\n",
  "id": "GHSA-25gj-gfhx-xwgh",
  "modified": "2023-11-02T18:30:25Z",
  "published": "2023-11-02T18:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4217"
    },
    {
      "type": "WEB",
      "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-pt-g503-series-multiple-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-25HM-2VQM-695W

Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-07-13 00:01
VLAI
Details

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-30284"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-12T07:15:00Z",
    "severity": "HIGH"
  },
  "details": "Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables",
  "id": "GHSA-25hm-2vqm-695w",
  "modified": "2022-07-13T00:01:20Z",
  "published": "2022-05-24T19:20:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30284"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-25XC-JWFQ-39JW

Vulnerability from github – Published: 2021-04-19 14:50 – Updated: 2022-08-15 20:03
VLAI
Summary
OSGi applications using Vaadin 12-14 and 19 vulnerable to server classes and resources exposure
Details

Vulnerability in OSGi integration in com.vaadin:flow-server versions 1.2.0 through 2.4.7 (Vaadin 12.0.0 through 14.4.9), and 6.0.0 through 6.0.1 (Vaadin 19.0.0) allows attacker to access application classes and resources on the server via crafted HTTP request.

  • https://vaadin.com/security/cve-2021-31407
Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.4.7"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "com.vaadin:flow-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.2.0"
            },
            {
              "fixed": "2.4.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.vaadin:flow-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "6.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "6.0.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2021-31407"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-402",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-16T23:15:42Z",
    "nvd_published_at": "2021-04-23T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "Vulnerability in OSGi integration in `com.vaadin:flow-server` versions 1.2.0 through 2.4.7 (Vaadin 12.0.0 through 14.4.9), and 6.0.0 through 6.0.1 (Vaadin 19.0.0) allows attacker to access application classes and resources on the server via crafted HTTP request.\n\n- https://vaadin.com/security/cve-2021-31407",
  "id": "GHSA-25xc-jwfq-39jw",
  "modified": "2022-08-15T20:03:44Z",
  "published": "2021-04-19T14:50:49Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/vaadin/flow/security/advisories/GHSA-25xc-jwfq-39jw"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31407"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vaadin/osgi/issues/50"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vaadin/flow/pull/10229"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vaadin/flow/pull/10269"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/vaadin/flow"
    },
    {
      "type": "WEB",
      "url": "https://vaadin.com/security/cve-2021-31407"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "OSGi applications using Vaadin 12-14 and 19 vulnerable to server classes and resources exposure"
}

GHSA-269Q-HMXG-M83Q

Vulnerability from github – Published: 2022-05-10 08:46 – Updated: 2022-05-10 08:46
VLAI
Summary
Local Information Disclosure Vulnerability in io.netty:netty-codec-http
Details

Description

GHSA-5mcr-gq6c-3hq2 (CVE-2021-21290) contains an insufficient fix for the vulnerability identified.

Impact

When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled.

This only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users.

Vulnerability Details

To fix the vulnerability the code was changed to the following:

    @SuppressJava6Requirement(reason = "Guarded by version check")
    public static File createTempFile(String prefix, String suffix, File directory) throws IOException {
        if (javaVersion() >= 7) {
            if (directory == null) {
                return Files.createTempFile(prefix, suffix).toFile();
            }
            return Files.createTempFile(directory.toPath(), prefix, suffix).toFile();
        }
        if (directory == null) {
            return File.createTempFile(prefix, suffix);
        }
        File file = File.createTempFile(prefix, suffix, directory);
        // Try to adjust the perms, if this fails there is not much else we can do...
        file.setReadable(false, false);
        file.setReadable(true, true);
        return file;
    }

Unfortunately, this logic path was left vulnerable:

        if (directory == null) {
            return File.createTempFile(prefix, suffix);
        }

This file is still readable by all local users.

Patches

Update to 4.1.77.Final

Workarounds

Specify your own java.io.tmpdir when you start the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user or update to Java 7 or above.

References

For more information

If you have any questions or comments about this advisory:

Open an issue in netty

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.1.76.Final"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "io.netty:netty-codec-http"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.77.Final"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-24823"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-378",
      "CWE-379",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-05-10T08:46:50Z",
    "nvd_published_at": "2022-05-06T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Description ###\n[GHSA-5mcr-gq6c-3hq2](https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2) (CVE-2021-21290) contains an insufficient fix for the vulnerability identified.\n\n### Impact ###\n\nWhen netty\u0027s multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled.\n\nThis only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users.\n\n### Vulnerability Details ###\n\nTo fix the vulnerability the code was changed to the following:\n\n```java\n    @SuppressJava6Requirement(reason = \"Guarded by version check\")\n    public static File createTempFile(String prefix, String suffix, File directory) throws IOException {\n        if (javaVersion() \u003e= 7) {\n            if (directory == null) {\n                return Files.createTempFile(prefix, suffix).toFile();\n            }\n            return Files.createTempFile(directory.toPath(), prefix, suffix).toFile();\n        }\n        if (directory == null) {\n            return File.createTempFile(prefix, suffix);\n        }\n        File file = File.createTempFile(prefix, suffix, directory);\n        // Try to adjust the perms, if this fails there is not much else we can do...\n        file.setReadable(false, false);\n        file.setReadable(true, true);\n        return file;\n    }\n```\n\nUnfortunately, this logic path was left vulnerable:\n\n```java\n        if (directory == null) {\n            return File.createTempFile(prefix, suffix);\n        }\n```\n\nThis file is still readable by all local users.\n\n### Patches ###\n\nUpdate to 4.1.77.Final\n\n### Workarounds ###\n\nSpecify your own `java.io.tmpdir` when you start the JVM or use `DefaultHttpDataFactory.setBaseDir(...)` to set the directory to something that is only readable by the current user or update to Java 7 or above.\n\n### References ###\n\n - [CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html)\n - [CWE-379: Creation of Temporary File in Directory with Insecure Permissions](https://cwe.mitre.org/data/definitions/379.html)\n\n\n### For more information ###\n\nIf you have any questions or comments about this advisory:\n\nOpen an issue in [netty](https://github.com/netty/netty)\n",
  "id": "GHSA-269q-hmxg-m83q",
  "modified": "2022-05-10T08:46:50Z",
  "published": "2022-05-10T08:46:50Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/netty/netty/security/advisories/GHSA-269q-hmxg-m83q"
    },
    {
      "type": "WEB",
      "url": "https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24823"
    },
    {
      "type": "WEB",
      "url": "https://github.com/netty/netty/commit/185f8b2756a36aaa4f973f1a2a025e7d981823f1"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/netty/netty"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220616-0004"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Local Information Disclosure Vulnerability in io.netty:netty-codec-http"
}

GHSA-26FG-V32R-H663

Vulnerability from github – Published: 2023-11-09 21:30 – Updated: 2023-11-17 21:58
VLAI
Summary
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Details

H5P metadata automatically populated the author with the user's username, which could be sensitive information.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "moodle/moodle"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.3.0-rc2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-5545"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-11-10T00:41:16Z",
    "nvd_published_at": "2023-11-09T20:15:09Z",
    "severity": "MODERATE"
  },
  "details": "H5P metadata automatically populated the author with the user\u0027s username, which could be sensitive information.",
  "id": "GHSA-26fg-v32r-h663",
  "modified": "2023-11-17T21:58:46Z",
  "published": "2023-11-09T21:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5545"
    },
    {
      "type": "WEB",
      "url": "https://github.com/moodle/moodle/commit/100ac7c6467a7de2c05713a0a924984ff1593d53"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243444"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/moodle/moodle"
    },
    {
      "type": "WEB",
      "url": "https://moodle.org/mod/forum/discuss.php?d=451586"
    },
    {
      "type": "WEB",
      "url": "http://git.moodle.org/gw?p=moodle.git\u0026a=search\u0026h=HEAD\u0026st=commit\u0026s=MDL-78820"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability"
}

GHSA-26HM-C7GJ-Q5MP

Vulnerability from github – Published: 2021-12-30 00:00 – Updated: 2022-10-27 19:00
VLAI
Details

Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of identification mechanisms and predictable IDs an attacker can scrape all the files on the service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-36723"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-29T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of identification mechanisms and predictable IDs an attacker can scrape all the files on the service.",
  "id": "GHSA-26hm-c7gj-q5mp",
  "modified": "2022-10-27T19:00:31Z",
  "published": "2021-12-30T00:00:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36723"
    },
    {
      "type": "WEB",
      "url": "https://www.gov.il/en/departments/faq/cve_advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-26RP-X6JF-5QX8

Vulnerability from github – Published: 2022-05-24 22:01 – Updated: 2022-07-13 00:01
VLAI
Details

The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-36791"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-13T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure of application registration data.",
  "id": "GHSA-26rp-x6jf-5qx8",
  "modified": "2022-07-13T00:01:31Z",
  "published": "2022-05-24T22:01:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36791"
    },
    {
      "type": "WEB",
      "url": "https://typo3.org/help/security-advisories/security"
    },
    {
      "type": "WEB",
      "url": "https://typo3.org/security/advisory/typo3-ext-sa-2021-013"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.