25 matches found
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2021:1253-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for nextcloud (important)
openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2021:1253-1 Rating: important References: 1190291 Cross-References: CVE-2021-32766 CVE-2021-32800 CVE-2021-32801 CVE-2021-32802 CVSS scores: CVE-2021-32800 NVD : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N...
CVE-2021-32802
creationtimestamp| type| source ---|---|--- 2021-09-08 02:22:58+00:00| seen| https://t.me/cibsecurity/28412...
CVE-2021-32802 Preview generation used third-party library not suited for user-generated content in Nextcloud server
Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted user-supplied content. There are several...
CVE-2021-32802
CVE-2021-32802 affects Nextcloud Server where image-preview rendering calls a third-party library not suited for untrusted content, enabling issues such as SSRF, file disclosure, or potential code execution. Public details confirm Nextcloud versions 20.0.12, 21.0.4 and 22.1.0 no longer use the vu...