Lucene search

CVE-2023-48306

🗓️ 21 Nov 2023 23:07:15Reported by GoogleType

osv🔗 osv.dev👁 13 Views

Nextcloud Server and Enterprise Server versions 25.0.0 - 27.1.0 DNS rebinding vulnerabilit

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Hacker One	Nextcloud: DNS pin middleware can be tricked into DNS rebinding allowing SSRF	18 Aug 202307:46	–	hackerone
CVE	CVE-2023-48306	21 Nov 202323:15	–	cve
NVD	CVE-2023-48306	21 Nov 202323:15	–	nvd
Prion	Server side request forgery (ssrf)	21 Nov 202323:15	–	prion
Cvelist	CVE-2023-48306 Nextcloud Server DNS pin middleware can be tricked into DNS rebinding allowing SSRF	21 Nov 202322:20	–	cvelist
Nextcloud	DNS pin middleware can be tricked into DNS rebinding allowing SSRF	21 Nov 202305:19	–	nextcloud
OpenVAS	Nextcloud Server < 22.2.10.16, 23.x < 23.0.12.11, 24.x <24.0.12.7, 25.x < 25.0.11, 26.x < 26.0.6, 27.x < 27.1.0 Multiple Vulnerabilities (GHSA-8JWV-C8C8-9FR3, GHSA-8F69-F9JG-4X3V)	22 Nov 202300:00	–	openvas
Redos	ROS-20240402-12	2 Apr 202400:00	–	redos

Source	Link
github	www.github.com/nextcloud/security-advisories/security/advisories/GHSA-8f69-f9jg-4x3v
github	www.github.com/nextcloud/server/pull/40234
hackerone	www.hackerone.com/reports/2115212

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Nov 2023 23:15Current

6.7Medium risk

Vulners AI Score6.7

CVSS35 - 9.8

EPSS0.005