Unrated severityNVD Advisory· Published Mar 20, 2020· Updated Aug 4, 2024
CVE-2020-8138
CVE-2020-8138
Description
A missing check for IPv4 nested inside IPv6 in Nextcloud server < 17.0.1, < 16.0.7, and < 15.0.14 allowed a Server-Side Request Forgery (SSRF) vulnerability when subscribing to a malicious calendar URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <17.0.1, <16.0.7, <15.0.14
Patches
Vulnerability mechanics
References
2- hackerone.com/reports/736867mitrex_refsource_MISC
- nextcloud.com/security/advisory/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.