Low: docker

Issue Overview: golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors...

SUSE CVE-2023-45151

Nextcloud server is an open source home cloud platform. Affected versions of Nextcloud stored OAuth2 tokens in plaintext which allows an attacker who has gained access to the server to potentially elevate their privilege. This issue has been addressed and users are recommended to upgrade their...

CVE-2023-45151 OAuth2 client_secret stored in plain text in the Nextcloud database

Nextcloud server is an open source home cloud platform. Affected versions of Nextcloud stored OAuth2 tokens in plaintext which allows an attacker who has gained access to the server to potentially elevate their privilege. This issue has been addressed and users are recommended to upgrade their...

PT-2023-6441 · Nextcloud +2 · Nextcloud +2

Name of the Vulnerable Software and Affected Versions: Nextcloud versions prior to 25.0.8 Nextcloud versions prior to 26.0.3 Nextcloud versions prior to 27.0.1 Description: The issue is related to the storage of OAuth2 tokens in plaintext in Nextcloud, allowing an attacker who has gained access t...

PT-2023-5259 · Nextcloud +2 · Nextcloud Server +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.8 Nextcloud Server versions 26.0.0 through 26.0.3 Nextcloud Server versions 27.0.0 through 27.0.0 Description: The issue is related to improper access control in Nextcloud Server, which provides...