Nextcloud Server — набор клиент-серверных программ для создания и использования хранилища данных.
Релизный цикл, информация об уязвимостях
График релизов
Количество 409
CVE-2018-3762
Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks ...
CVE-2018-3761
Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised.
CVE-2018-3761
Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authent ...
openSUSE-SU-2018:1040-1
Security update for nextcloud
CVE-2017-0936
Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. A missing ownership check allowed logged-in users to change the scope of app passwords of other users. Note that the app passwords themselves where neither disclosed nor could the error be misused to identify as another user.
CVE-2017-0936
Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorizatio ...
CVE-2017-0895
Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users. Note that no actual content of the calendar and addressbook has been disclosed.
CVE-2017-0895
Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure ...
CVE-2017-0894
Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token.
CVE-2017-0894
Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid sh ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2018-3762 Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks ... | CVSS3: 4.3 | 0% Низкий | почти 7 лет назад |
 | CVE-2018-3761 Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised. | CVSS3: 8.1 | 1% Низкий | почти 7 лет назад |
| CVE-2018-3761 Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authent ... | CVSS3: 8.1 | 1% Низкий | почти 7 лет назад |
 | openSUSE-SU-2018:1040-1 Security update for nextcloud | 0% Низкий | около 7 лет назад | |
| CVE-2017-0936 Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. A missing ownership check allowed logged-in users to change the scope of app passwords of other users. Note that the app passwords themselves where neither disclosed nor could the error be misused to identify as another user. | CVSS3: 5.7 | 0% Низкий | около 7 лет назад |
| CVE-2017-0936 Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorizatio ... | CVSS3: 5.7 | 0% Низкий | около 7 лет назад |
| CVE-2017-0895 Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users. Note that no actual content of the calendar and addressbook has been disclosed. | CVSS3: 3.5 | 0% Низкий | около 8 лет назад |
| CVE-2017-0895 Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure ... | CVSS3: 3.5 | 0% Низкий | около 8 лет назад |
| CVE-2017-0894 Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token. | CVSS3: 4.3 | 1% Низкий | около 8 лет назад |
| CVE-2017-0894 Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid sh ... | CVSS3: 4.3 | 1% Низкий | около 8 лет назад |
Уязвимостей на страницу