CWE-610
Externally Controlled Reference to a Resource in Another Sphere
Description
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
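The following Python is an added example, not text or code from the CWE entry or from any project listed on this page. It shows the weakness in its most common concrete form (an externally supplied name used to locate a file) beside the containment check that keeps the resolved resource inside the intended control sphere. The directory layout, the tenant names and the helper names (`resolve_in_sphere`, `vulnerable_read`, `safe_read`, `demo`) are all constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


class ReferenceOutsideSphere(Exception):
    """Raised when an externally supplied name resolves outside the allowed root."""


def resolve_in_sphere(root: Path, external_name: str) -> Path:
    """Resolve an externally controlled name against `root` and refuse any result
    that lands outside `root` once '..', absolute paths and symlinks are resolved.

    The containment test runs on the *resolved* path (os.path.realpath), not on the
    raw string, and uses component-wise Path.relative_to, so a sibling such as
    '/srv/tenant-a-evil' is not mistaken for a child of '/srv/tenant-a'.
    """
    root_real = Path(os.path.realpath(root))
    # os.path.join drops `root` entirely when external_name is absolute; that is one of
    # the cases the check below must catch, so the string is deliberately not pre-filtered.
    candidate = Path(os.path.realpath(os.path.join(root_real, external_name)))
    try:
        candidate.relative_to(root_real)
    except ValueError:
        raise ReferenceOutsideSphere(
            f"{external_name!r} resolves to {candidate}, outside {root_real}"
        ) from None
    return candidate


def vulnerable_read(root: Path, external_name: str) -> bytes:
    """The weak pattern (CWE-610 shape): the external name is joined onto the root as-is.
    Path('/srv/a') / '/etc/passwd' is Path('/etc/passwd'); '..' and symlinks also escape."""
    return (root / external_name).read_bytes()


def safe_read(root: Path, external_name: str) -> bytes:
    """Hardened reader: only names that resolve inside `root` are honoured."""
    return resolve_in_sphere(root, external_name).read_bytes()


def demo() -> dict:
    """Build a constructed two-tenant layout in a temp dir and exercise both readers.

    Returns {label: (bytes the vulnerable reader returned,
                     bytes the safe reader returned or None if it refused)}.
    """
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        sphere = tmp / "tenant-a"            # the intended control sphere
        sphere.mkdir()
        (sphere / "config.txt").write_bytes(b"tenant-a config")
        outside = tmp / "other-tenant-secret.txt"   # resource outside the sphere
        outside.write_bytes(b"SECRET")
        (sphere / "link").symlink_to(outside)       # symlink inside root, target outside

        # Constructed externally supplied names, one per escape route.
        names = {
            "inside": "config.txt",
            "dotdot": "../other-tenant-secret.txt",
            "absolute": str(outside),
            "symlink": "link",
        }
        results = {}
        for label, name in names.items():
            vuln = vulnerable_read(sphere, name)
            try:
                safe = safe_read(sphere, name)
            except ReferenceOutsideSphere:
                safe = None
            results[label] = (vuln, safe)
        return results


if __name__ == "__main__":
    for label, (vuln, safe) in demo().items():
        print(f"{label:9s} vulnerable={vuln!r:22s} safe={safe!r}")
```

The same containment test applies to any namespace, not just the filesystem: whatever the reference names (a file, a Kubernetes object in another namespace, a host for an outbound request, an object constructor reachable from a sandboxed value), resolve it first and then verify the result is inside the sphere the caller is allowed to touch; checking the unresolved string is what the entries below have in common.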
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-219
CVEs mapped to this weakness (65)
page 4 of 4

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-8553 | | | 0.00 | — | 0.01 | | Jul 29, 2020 | The Kubernetes ingress-nginx component prior to version 0.28.0 allows a user with the ability to create namespaces and to read and create ingress objects to overwrite the password file of another ingress which uses nginx.ingress.kubernetes.io/auth-type: basic and which has a… |
| CVE-2020-5296 | | | 0.00 | — | 0.01 | | Jun 3, 2020 | In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the… |
| CVE-2020-5297 | | | 0.00 | — | 0.01 | | Jun 3, 2020 | In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an… |
| CVE-2019-14905 | | | 0.00 | — | 0.01 | | Mar 31, 2020 | A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename… |
| CVE-2017-16088 | | Critical | 0.00 | 10.0 | 0.03 | | Jun 7, 2018 | The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox. |