Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-47794

Опубликовано: 16 мая 2025
Источник: debian
EPSS Низкий

Описание

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 29.0.13, 30.0.7, and 31.0.1 and Nextcloud Enterprise Server prior to 26.0.13.13, 27.1.11.13, 28.0.14.4, 29.0.13, 30.0.7, and 31.0.1, an attacker on a multi-user system may read temporary files from Nextcloud running with a different user account, or run a symlink attack. Nextcloud Server versions 29.0.13, 30.0.7, and 31.0.1 and Nextcloud Enterprise Server 26.0.13.13, 27.1.11.13, 28.0.14.4, 29.0.13, 30.0.7, and 31.0.1 fix the issue. No known workarounds are available.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
nextcloud-serveritppackage

EPSS

Процентиль: 6%
0.00027
Низкий

Связанные уязвимости

nvd логотип

CVE-2025-47794

CVSS3: 2.6
nvd
6 месяцев назад

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 29.0.13, 30.0.7, and 31.0.1 and Nextcloud Enterprise Server prior to 26.0.13.13, 27.1.11.13, 28.0.14.4, 29.0.13, 30.0.7, and 31.0.1, an attacker on a multi-user system may read temporary files from Nextcloud running with a different user account, or run a symlink attack. Nextcloud Server versions 29.0.13, 30.0.7, and 31.0.1 and Nextcloud Enterprise Server 26.0.13.13, 27.1.11.13, 28.0.14.4, 29.0.13, 30.0.7, and 31.0.1 fix the issue. No known workarounds are available.

EPSS

Процентиль: 6%
0.00027
Низкий