Description
The product, while copying or cloning a resource, does not set the resource's permissions or access control until the copy is complete, leaving the resource exposed to other spheres while the copy is taking place.
CVE vulnerabilities with CWE-689 (3)
8.8
CVSS
HIGH
CVE-2022-28768
pub. 2022-11-17
5.9
CVSS
MEDIUM
CVE-2025-40909
pub. 2025-05-30
5.1
CVSS
MEDIUM
CVE-2025-0087
pub. 2025-09-04