VYPR
Medium severity5.4NVD Advisory· Published Jun 14, 2024· Updated Jun 17, 2026

CVE-2024-37886

CVE-2024-37886

Description

user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.5, 2.0.0, 3.0.0, 4.0.0 or 5.0.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: >=1.3.5, >=2.0.0, >=3.0.0, >=4.0.0, >=5.0.0
  • nextcloud/security-advisoriesv5
    Range: < 1.3.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.