Unrated severityNVD Advisory· Published Mar 30, 2023· Updated Feb 11, 2025
Potential share collision for recipients when caching is enabled in nextcloud server
CVE-2023-28643
Description
Nextcloud server is an open source home cloud implementation. In affected versions when a recipient receives 2 shares with the same name, while a memory cache is configured, the second share will replace the first one instead of being renamed to {name} (2). It is recommended that the Nextcloud Server is upgraded to 25.0.3 or 24.0.9. Users unable to upgrade should avoid sharing 2 folders with the same name to the same user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- nextcloud/security-advisoriesv5Range: < 24.0.9
Patches
Vulnerability mechanics
References
3- github.com/nextcloud/security-advisories/security/advisories/GHSA-hhq4-4pr8-wm27mitrex_refsource_CONFIRM
- github.com/nextcloud/server/issues/34015mitrex_refsource_MISC
- github.com/nextcloud/server/pull/36047mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.