Nextcloud Server — набор клиент-серверных программ для создания и использования хранилища данных.

Релизный цикл, информация об уязвимостях

Продукт: Nextcloud Server

Вендор: nextcloud

График релизов

Недавние уязвимости Nextcloud Server

Количество 409

CVE-2020-8139

больше 5 лет назад

A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, and < 16.0.9 causes hide-download shares to be downloadable when appending /download to the URL.

CVSS3: 6.5

EPSS: Низкий

CVE-2020-8139

больше 5 лет назад

A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, ...

CVSS3: 6.5

EPSS: Низкий

CVE-2020-8138

больше 5 лет назад

A missing check for IPv4 nested inside IPv6 in Nextcloud server < 17.0.1, < 16.0.7, and < 15.0.14 allowed a Server-Side Request Forgery (SSRF) vulnerability when subscribing to a malicious calendar URL.

CVSS3: 6.5

EPSS: Низкий

CVE-2020-8138

больше 5 лет назад

A missing check for IPv4 nested inside IPv6 in Nextcloud server < 17.0 ...

CVSS3: 6.5

EPSS: Низкий

CVE-2020-8122

больше 5 лет назад

A missing check in Nextcloud Server 14.0.3 could give recipient the possibility to extend the expiration date of a share they received.

CVSS3: 4.3

EPSS: Низкий

CVE-2020-8122

больше 5 лет назад

A missing check in Nextcloud Server 14.0.3 could give recipient the po ...

CVSS3: 4.3

EPSS: Низкий

CVE-2020-8121

больше 5 лет назад

A bug in Nextcloud Server 14.0.4 could expose more data in reshared link shares than intended by the sharer.

CVSS3: 8.1

EPSS: Низкий

CVE-2020-8121

больше 5 лет назад

A bug in Nextcloud Server 14.0.4 could expose more data in reshared li ...

CVSS3: 8.1

EPSS: Низкий

CVE-2020-8120

больше 5 лет назад

A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16.0.1 was discovered in the svg generation.

CVSS3: 6.1

EPSS: Низкий

CVE-2020-8120

больше 5 лет назад

A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16. ...

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2020-8139 A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, and < 16.0.9 causes hide-download shares to be downloadable when appending /download to the URL.	CVSS3: 6.5	0% Низкий	больше 5 лет назад
CVE-2020-8139 A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, ...	CVSS3: 6.5	0% Низкий	больше 5 лет назад
CVE-2020-8138 A missing check for IPv4 nested inside IPv6 in Nextcloud server < 17.0.1, < 16.0.7, and < 15.0.14 allowed a Server-Side Request Forgery (SSRF) vulnerability when subscribing to a malicious calendar URL.	CVSS3: 6.5	0% Низкий	больше 5 лет назад
CVE-2020-8138 A missing check for IPv4 nested inside IPv6 in Nextcloud server < 17.0 ...	CVSS3: 6.5	0% Низкий	больше 5 лет назад
CVE-2020-8122 A missing check in Nextcloud Server 14.0.3 could give recipient the possibility to extend the expiration date of a share they received.	CVSS3: 4.3	0% Низкий	больше 5 лет назад
CVE-2020-8122 A missing check in Nextcloud Server 14.0.3 could give recipient the po ...	CVSS3: 4.3	0% Низкий	больше 5 лет назад
CVE-2020-8121 A bug in Nextcloud Server 14.0.4 could expose more data in reshared link shares than intended by the sharer.	CVSS3: 8.1	0% Низкий	больше 5 лет назад
CVE-2020-8121 A bug in Nextcloud Server 14.0.4 could expose more data in reshared li ...	CVSS3: 8.1	0% Низкий	больше 5 лет назад
CVE-2020-8120 A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16.0.1 was discovered in the svg generation.	CVSS3: 6.1	0% Низкий	больше 5 лет назад
CVE-2020-8120 A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16. ...	CVSS3: 6.1	0% Низкий	больше 5 лет назад

Уязвимостей на страницу