Description
The product assigns an owner to a resource, but the owner is outside of the intended control sphere.
Extended Description
This may allow the resource to be manipulated by actors outside of the intended control sphere.
CVE vulnerabilities with CWE-708 (20)
8.1
CVSS
HIGH
CVE-2026-40196
pub. 2026-04-17
8.1
CVSS
HIGH
CVE-2021-32689
pub. 2021-07-12
7.8
CVSS
HIGH
CVE-2024-52561
pub. 2025-06-03
7.5
CVSS
HIGH
CVE-2022-33737
pub. 2022-07-06
7.3
CVSS
HIGH
CVE-2022-22189
pub. 2022-04-14
7.1
CVSS
HIGH
CVE-2021-32726
pub. 2021-07-12
6.7
CVSS
MEDIUM
CVE-2023-29122
pub. 2024-11-05
6.7
CVSS
MEDIUM
CVE-2023-20043
pub. 2023-01-20
6.7
CVSS
MEDIUM
CVE-2023-20044
pub. 2023-01-20
6.5
CVSS
MEDIUM
CVE-2024-41773
pub. 2024-08-20
6.0
CVSS
MEDIUM
CVE-2024-45417
pub. 2025-02-25
5.9
CVSS
MEDIUM
CVE-2021-26248
pub. 2021-11-19
5.3
CVSS
MEDIUM
CVE-2026-32691
pub. 2026-03-18
5.3
CVSS
MEDIUM
CVE-2025-14262
pub. 2025-12-08
5.3
CVSS
MEDIUM
CVE-2023-4008
pub. 2023-08-03
4.9
CVSS
MEDIUM
CVE-2024-45426
pub. 2025-02-25
3.7
CVSS
LOW
CVE-2023-41881
pub. 2023-10-11
3.5
CVSS
LOW
CVE-2025-5069
pub. 2025-09-26
3.1
CVSS
LOW
CVE-2024-9633
pub. 2024-11-14
1.9
CVSS
LOW
CVE-2025-5467
pub. 2025-12-10