VYPR

CWE-552

Files or Directories Accessible to External Parties

BaseDraft

Description

The product makes files or directories accessible to unauthorized actors, even though they should not be.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-150 · CAPEC-639

CVEs mapped to this weakness (182)

page 9 of 10
  • CVE-2022-41710Nov 3, 2022
    risk 0.00cvss epss 0.00

    Markdownify version 1.4.1 allows an external attacker to remotely obtain arbitrary local files on any client that attempts to view a malicious markdown file through Markdownify. This is possible because the application does not have a CSP policy (or at least not strict enough)…

  • CVE-2022-43414Oct 19, 2022
    risk 0.00cvss epss 0.01

    Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-specified directory on the…

  • CVE-2022-41343Sep 25, 2022
    risk 0.00cvss epss 0.04

    registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.

  • CVE-2021-3856Aug 26, 2022
    risk 0.00cvss epss 0.01

    ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if…

  • CVE-2022-30428May 25, 2022
    risk 0.00cvss epss 0.01

    In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading.

  • CVE-2021-3717May 24, 2022
    risk 0.00cvss epss 0.00

    A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This…

  • CVE-2022-30945May 17, 2022
    risk 0.00cvss epss 0.01

    Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines.

  • CVE-2022-27193Mar 15, 2022
    risk 0.00cvss epss 0.01

    CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External Entities (XXE). This leads to the inclusion of arbitrary (local) file content into the generated output document. An attacker can exploit this to disclose information from the system running the converter.

  • CVE-2022-23621Feb 9, 2022
    risk 0.00cvss epss 0.01

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with SCRIPT right can read any file located in the XWiki WAR (for example xwiki.cfg and xwiki.properties) through…

  • CVE-2021-43821Dec 14, 2021
    risk 0.00cvss epss 0.02

    Opencast is an Open Source Lecture Capture & Video Management for Education. Opencast before version 9.10 or 10.6 allows references to local file URLs in ingested media packages, allowing attackers to include local files from Opencast's host machines and making them available…

  • CVE-2021-32752Jul 9, 2021
    risk 0.00cvss epss 0.01

    Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a…

  • CVE-2021-21429Apr 27, 2021
    risk 0.00cvss epss 0.00

    OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system…

  • CVE-2021-21355Mar 23, 2021
    risk 0.00cvss epss 0.02

    TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1, due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions -…

  • CVE-2020-27216Oct 23, 2020
    risk 0.00cvss epss 0.04

    In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a…

  • CVE-2020-13953Sep 30, 2020
    risk 0.00cvss epss 0.03

    In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run.

  • CVE-2019-3881Sep 4, 2020
    risk 0.00cvss epss 0.01

    Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an…

  • CVE-2020-11976Aug 11, 2020
    risk 0.00cvss epss 0.04

    By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and…

  • CVE-2020-4075Jul 7, 2020
    risk 0.00cvss epss 0.01

    In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open. As a workaround, ensure you are calling `event.preventDefault()` on all new-window events where the `url`…

  • CVE-2020-1726Feb 11, 2020
    risk 0.00cvss epss 0.02

    A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is…

  • CVE-2019-14273Sep 26, 2019
    risk 0.00cvss epss 0.01

    In SilverStripe assets 4.0, there is broken access control on files.