Описание
Nextcloud Server is an open source personal cloud server. Prior to versions 24.0.7 and 25.0.1, disabled download shares still allow download through preview images. Images could be downloaded and previews of documents (first page) can be downloaded without being watermarked. Versions 24.0.7 and 25.0.1 contain a fix for this issue. No known workarounds are available.
Ссылки
- Third Party Advisory
- PatchThird Party Advisory
- Permissions RequiredThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Permissions RequiredThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 24.0.0 (включая) до 24.0.7 (исключая)Версия от 24.0.0 (включая) до 24.0.7 (исключая)
Одно из
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:25.0.0:*:*:*:-:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:25.0.0:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 28%
0.00096
Низкий
2.6 Low
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-284
CWE-863
Связанные уязвимости
CVSS3: 2.6
debian
больше 2 лет назад
Nextcloud Server is an open source personal cloud server. Prior to ver ...
EPSS
Процентиль: 28%
0.00096
Низкий
2.6 Low
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-284
CWE-863