rpm package
opensuse/nextcloud&distro=openSUSE Leap 15.4
pkg:rpm/opensuse/nextcloud&distro=openSUSE%20Leap%2015.4
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-25579 | — | < 23.0.12-bp154.2.3.1 | 23.0.12-bp154.2.3.1 | Feb 22, 2023 | Nextcloud server is a self hosted home cloud product. In affected versions the `OC\Files\Node\Folder::getFullPath()` function was validating and normalizing the string in the wrong order. The function is used in the `newFile()` and `newFolder()` items, which may allow to creation | ||
| CVE-2022-39346 | — | < 23.0.12-bp154.2.3.1 | 23.0.12-bp154.2.3.1 | Nov 25, 2022 | Nextcloud server is an open source personal cloud server. Affected versions of nextcloud server did not properly limit user display names which could allow a malicious users to overload the backing database and cause a denial of service. It is recommended that the Nextcloud Serve | ||
| CVE-2022-35931 | — | < 23.0.12-bp154.2.3.1 | 23.0.12-bp154.2.3.1 | Sep 6, 2022 | Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords. Prior to versions 22.2.10, 23.0.7, and 24.0.3 the random password generator may, in very rare cases, generate common passwords that the validator itself would block. U |
- CVE-2023-25579Feb 22, 2023affected < 23.0.12-bp154.2.3.1fixed 23.0.12-bp154.2.3.1
Nextcloud server is a self hosted home cloud product. In affected versions the `OC\Files\Node\Folder::getFullPath()` function was validating and normalizing the string in the wrong order. The function is used in the `newFile()` and `newFolder()` items, which may allow to creation
- CVE-2022-39346Nov 25, 2022affected < 23.0.12-bp154.2.3.1fixed 23.0.12-bp154.2.3.1
Nextcloud server is an open source personal cloud server. Affected versions of nextcloud server did not properly limit user display names which could allow a malicious users to overload the backing database and cause a denial of service. It is recommended that the Nextcloud Serve
- CVE-2022-35931Sep 6, 2022affected < 23.0.12-bp154.2.3.1fixed 23.0.12-bp154.2.3.1
Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords. Prior to versions 22.2.10, 23.0.7, and 24.0.3 the random password generator may, in very rare cases, generate common passwords that the validator itself would block. U