4969 matches found

Hacker One
added 2021/07/14 1:21 p.m., 98 views

Nextcloud: HEIC image preview can be used to invoke Imagick

The HEIC image preview provider calls into Imagick at https://github.com/nextcloud/server/blob/5d097ddb4b99673f57b8c085dedd93880ee2539d/lib/private/Preview/HEIC.php#L98-L109. This is bad as Imagick processes all kinds of image types. One can use this for example to exfiltrate arbitrary files by...

CVSS 10 | AI score 0.9 | EPSS 0.02521
Exploits 0

Hacker One
added 2021/07/14 10:18 a.m., 49 views

Nextcloud: High memory usage for generating preview of broken image

When the attached file is uploaded and a preview is generated, e.g. in the folder overview of the files app, the PHP process allocates a very large amount of memory (on my machine it was shortly around 5 GByte) and CPU. Tested with latest master 1366b35081f1d92429787696f4175c19a602858a on Ubuntu 20....

CVSS 4.3 | AI score 1.5 | EPSS 0.01581
Exploits 1

CNVD
added 2021/07/14 12:00 a.m., 42 views

Nextcloud Input Validation Error Vulnerability (CNVD-2022-20701)

An input validation error vulnerability exists in Nextcloud Server, which stems from the fact that DownloadResponse does not do security checks on uploaded file names, and could be exploited to trick users into downloading malicious files with normal file name...

CVSS 8.8 | AI score 3.5 | EPSS 0.0137
Exploits 0, References 1

OSV
added 2021/07/12 10:15 p.m., 18 views

CVE-2021-32734

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. The issu...

CVSS 5.3 | AI score 6.4
Exploits 0, References 4

OSV
added 2021/07/12 10:15 p.m., 17 views

CVE-2021-32741

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, there was a lack of ratelimiting on the public share link mount endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. The issue was fixed in...

CVSS 5.3 | AI score 6.5
Exploits 0, References 3

NVD
added 2021/07/12 10:15 p.m., 11 views

CVE-2021-32734

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. The issu...

CVSS 5.3 | EPSS 0.01381
Exploits 0, References 4

NVD
added 2021/07/12 10:15 p.m., 16 views

CVE-2021-32741

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, there was a lack of ratelimiting on the public share link mount endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. The issue was fixed in...

CVSS 5.3 | EPSS 0.01322
Exploits 0, References 3

Prion
added 2021/07/12 10:15 p.m., 16 views

Path traversal

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. The issu...

CVSS 5 | AI score 6 | EPSS 0.01381
Exploits 0, References 4, Affected Software 1

Prion
added 2021/07/12 10:15 p.m., 10 views

Code injection

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, there was a lack of ratelimiting on the public share link mount endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. The issue was fixed in...

CVSS 5 | AI score 5.4 | EPSS 0.01322
Exploits 0, References 3, Affected Software 1

Cvelist
added 2021/07/12 10:05 p.m., 17 views

CVE-2021-32741 Lack of ratelimit on public share link mount endpoint

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, there was a lack of ratelimiting on the public share link mount endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. The issue was fixed in...

CVSS 5.3 | AI score 7.3 | EPSS 0.01322
Exploits 0, References 3

CVE
added 2021/07/12 10:05 p.m., 157 views

CVE-2021-32741

CVE-2021-32741 : Nextcloud Server versions before 19.0.13, 20.0.11, and 21.0.3 lacked ratelimiting on the public share link mount endpoint, enabling enumeration of potentially valid share tokens. The issue is fixed in the corresponding updated releases (19.0.13, 20.0.11, 21.0.3). No public workar...

CVSS 5.3 | AI score 5.4 | EPSS 0.01322
Exploits 0, References 3, Affected Software 1

CVE
added 2021/07/12 9:45 p.m., 166 views

CVE-2021-32734

CVE-2021-32734 affects Nextcloud Server where the Nextcloud Text application, prior to versions 19.0.13, 20.0.11, and 21.0.3, returned verbatim exception messages to users, potentially disclosing full paths of shared files. The issue was fixed in 19.0.13, 20.0.11, and 21.0.3. A workaround is to d...

CVSS 5.3 | AI score 4.6 | EPSS 0.01381
Exploits 0, References 4, Affected Software 1

Cvelist
added 2021/07/12 9:45 p.m., 22 views

CVE-2021-32734 File path disclosure of shared files in Nextcloud Text application

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. The issu...

CVSS 3.1 | AI score 7.2 | EPSS 0.01381
Exploits 0, References 4

OSV
added 2021/07/12 9:15 p.m., 12 views

CVE-2021-32727

Nextcloud Android Client is the Android client for Nextcloud. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.16.1, the Nextcloud Android client skipped a step that involved the client checking if a private...

CVSS 7.5 | AI score 6.7
Exploits 0, References 4

OSV
added 2021/07/12 9:15 p.m., 10 views

CVE-2021-32733

Nextcloud Text is a collaborative document editing application that uses Markdown. A cross-site scripting vulnerability is present in versions prior to 19.0.13, 20.0.11, and 21.0.3. The Nextcloud Text application shipped with Nextcloud server used a text/html Content-Type when serving files to...

CVSS 6.1 | AI score 6
Exploits 0, References 3

NVD
added 2021/07/12 9:15 p.m., 13 views

CVE-2021-32727

Nextcloud Android Client is the Android client for Nextcloud. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.16.1, the Nextcloud Android client skipped a step that involved the client checking if a private...

CVSS 7.5 | EPSS 0.00732
Exploits 0, References 4

NVD
added 2021/07/12 9:15 p.m., 17 views

CVE-2021-32733

Nextcloud Text is a collaborative document editing application that uses Markdown. A cross-site scripting vulnerability is present in versions prior to 19.0.13, 20.0.11, and 21.0.3. The Nextcloud Text application shipped with Nextcloud server used a text/html Content-Type when serving files to...

CVSS 6.1 | EPSS 0.01106
Exploits 0, References 3

Prion
added 2021/07/12 9:15 p.m., 22 views

Cross site scripting

Nextcloud Text is a collaborative document editing application that uses Markdown. A cross-site scripting vulnerability is present in versions prior to 19.0.13, 20.0.11, and 21.0.3. The Nextcloud Text application shipped with Nextcloud server used a text/html Content-Type when serving files to...

CVSS 4.3 | AI score 6 | EPSS 0.01106
Exploits 0, References 3, Affected Software 1

Prion
added 2021/07/12 9:15 p.m., 16 views

Code injection

Nextcloud Android Client is the Android client for Nextcloud. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.16.1, the Nextcloud Android client skipped a step that involved the client checking if a private...

CVSS 5 | AI score 7.3 | EPSS 0.00732
Exploits 0, References 4, Affected Software 1

CVE
added 2021/07/12 9:05 p.m., 154 views

CVE-2021-32733

CVE-2021-32733 relates to Nextcloud Text (Nextcloud Server) where a cross-site scripting vulnerability exists in Nextcloud Text prior to 21.0.3, caused by serving files with a text/html Content-Type. The issue is mitigated by Content-Security-Policy in modern browsers but was fixed in Nextcloud T...

CVSS 6.1 | AI score 5.2 | EPSS 0.01106
Exploits 0, References 3, Affected Software 1