Nextcloud: Suspicious login app ships old league/flysystem version

A vulnerability in the Suspicious Login app allowed a remote attacker to execute arbitrary code on the target system due to a race condition. The vulnerability was caused by an outdated version of the Flysystem library 0.1.0 - 2.1.0 that allowed a malicious user to upload and execute arbitrary co...