VYPR
Unrated severityNVD Advisory· Published Mar 30, 2023· Updated Feb 11, 2025

Potential share collision for recipients when caching is enabled in nextcloud server

CVE-2023-28643

Description

Nextcloud server is an open source home cloud implementation. In affected versions when a recipient receives 2 shares with the same name, while a memory cache is configured, the second share will replace the first one instead of being renamed to {name} (2). It is recommended that the Nextcloud Server is upgraded to 25.0.3 or 24.0.9. Users unable to upgrade should avoid sharing 2 folders with the same name to the same user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Nextcloud/Serverllm-fuzzy
    Range: <25.0.3
  • nextcloud/security-advisoriesv5
    Range: < 24.0.9

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.