apk package
wolfi/nextcloud-server-31-apache2-config
pkg:apk/wolfi/nextcloud-server-31-apache2-config
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-14761 | Med | 5.3 | < 31.0.12-r0 | 31.0.12-r0 | Dec 17, 2025 | Missing cryptographic key commitment in the AWS SDK for PHP may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate |
- affected < 31.0.12-r0fixed 31.0.12-r0
Missing cryptographic key commitment in the AWS SDK for PHP may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate