Lucene search
GoogleOSV:CVE-2022-43679HistoryNov 10, 2022 - 9:15 p.m.
CVE-2022-43679
2022-11-1021:15:11
Google
osv.dev
1
docker
misconfiguration
owncloud server
url spoofing
password-reset
emails
The Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the trusted_domains config useless. This could be abused to spoof the URL in password-reset e-mail messages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| core | eq | 10.0.3beta2 | |
| core | eq | 10.0.0RC5 | |
| core | eq | 10.11.0-rc.2 | |
| core | eq | 10.0.5 | |
| core | eq | 4.5.0beta2 | |
| core | eq | 8.0.0beta1 | |
| core | eq | 10.7.0RC2 | |
| core | eq | 4.0.6 | |
| core | eq | 2.0beta3 | |
| core | eq | 10.10.0 |
References
Related
cve
cve
CVE-2022-43679
2022-11-10 21:15:11
nvd
nvd
CVE-2022-43679
2022-11-10 21:15:11
cvelist
cvelist
CVE-2022-43679
2022-11-10 00:00:00
prion
prion
Design/Logic Flaw
2022-11-10 21:15:00
owncloud
owncloud
URL spoofing in password reset mail - ownCloud
2022-10-18 00:00:00