3 matches found
CVE-2022-29243 Improper input-size validation on the user new session name in Nextcloud Server
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.7 and 23.0.4, missing input-size validation of new session names allows users to create app passwords with long names. These long names are then loaded into memory on usage,...
CVE-2022-29243 Improper input-size validation on the user new session name in Nextcloud Server
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.7 and 23.0.4, missing input-size validation of new session names allows users to create app passwords with long names. These long names are then loaded into memory on usage,...
CVE-2022-29243
CVE-2022-29243 affects Nextcloud Server: insufficient input-size validation for new session names allows creation of excessively long app passwords, whose names are loaded into memory on use and can degrade performance. Affected versions are prior to 22.2.7 and 23.0.4; a fix is provided in 22.2.7...