5 matches found
CVE-2024-52520 Nextcloud Server's link reference provider can be tricked into downloading bigger files than intended
Nextcloud Server is a self hosted personal cloud system. Due to a pre-flighted HEAD request, the link reference provider could be tricked into downloading bigger websites than intended, to find open-graph data. It is recommended that the Nextcloud Server is upgraded to 28.0.10 or 29.0.7 and...
CVE-2024-52520
The CVE-2024-52520 entries describe a vulnerability in Nextcloud Server where a pre-flighted HEAD request allows the link reference provider to be tricked into downloading larger websites than intended to extract open-graph data. Affected software includes Nextcloud Server and Enterprise Server w...
CVE-2024-52520 Nextcloud Server's link reference provider can be tricked into downloading bigger files than intended
Nextcloud Server is a self hosted personal cloud system. Due to a pre-flighted HEAD request, the link reference provider could be tricked into downloading bigger websites than intended, to find open-graph data. It is recommended that the Nextcloud Server is upgraded to 28.0.10 or 29.0.7 and...
CVE-2024-52520 Nextcloud Server's link reference provider can be tricked into downloading bigger files than intended
Nextcloud Server is a self hosted personal cloud system. Due to a pre-flighted HEAD request, the link reference provider could be tricked into downloading bigger websites than intended, to find open-graph data. It is recommended that the Nextcloud Server is upgraded to 28.0.10 or 29.0.7 and...
PT-2024-9154 · Nextcloud +1 · Nextcloud Enterprise Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 28.0.10 Nextcloud Server versions prior to 29.0.7 Nextcloud Enterprise Server versions prior to 27.1.11.8 Nextcloud Enterprise Server versions prior to 28.0.10 Nextcloud Enterprise Server versions prior to...