Lucene search
Redhat.comRH:CVE-2018-3761HistoryMay 20, 2022 - 11:29 p.m.
CVE-2018-3761
2022-05-2023:29:36
redhat.com
access.redhat.com
14
nextcloud
oauth2
authentication
vulnerability
token endpoint
EPSS
0.002
Percentile
57.4%
Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised.
Related
openvas
openvas
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2018:1924-1)
2018-07-12 00:00:00
nessus
nessus
openSUSE Security Update : nextcloud (openSUSE-2019-511)
2019-03-27 00:00:00
openSUSE Security Update : nextcloud (openSUSE-2018-712)
2018-07-12 00:00:00
suse
suse
Security update for nextcloud (moderate)
2018-07-11 21:07:57
hackerone
hackerone
Nextcloud: OAuth2 Access Token and App Password Security Vulnerability
2018-04-25 17:03:37
Nextcloud: File access control rules not enforced on image files
2018-05-28 15:24:21
cve
cve
CVE-2018-3761
2018-07-05 16:29:00
CVE-2018-3762
2018-07-05 16:29:00
osv
osv
CVE-2018-3761
2018-07-05 16:29:00
CVE-2018-3762
2018-07-05 16:29:00
cvelist
cvelist
CVE-2018-3761
2018-07-05 16:00:00
CVE-2018-3762
2018-07-05 16:00:00
nextcloud
nextcloud
Improper validation on OAuth2 token endpoint (NC-SA-2018-003)
2018-06-21 00:00:00
File access control rules not applied to image previews (NC-SA-2018-002)
2018-06-21 00:00:00
prion
prion
Authentication flaw
2018-07-05 16:29:00
Input validation
2018-07-05 16:29:00
nvd
nvd
CVE-2018-3761
2018-07-05 16:29:00
CVE-2018-3762
2018-07-05 16:29:00