19 matches found
Fedora: Security Advisory (FEDORA-2025-f62aee4fe6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 41 Update: nextcloud-31.0.5-1.fc41
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...
CVE-2023-33183
Calendar app for Nextcloud easily sync events from various devices with your Nextcloud. Some internal paths of the website are disclosed when the SMTP server is unavailable. It is recommended that the Calendar app is updated to 3.5.5 or 4.2.3...
CVE-2023-22469
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When getting the reference preview for Deck cards the user has no access to, unauthorized user could eventually get the cached data of a user that has access. There ar...
OPENSUSE-SU-2023:0171-1 Security update for nextcloud-desktop
This update for nextcloud-desktop fixes the following issues: Update ot 3.8.0 - Resize WebView widget once the loginpage rendered - Feature/secure file drop - Check German translation for wrong wording - L10n: Correct word - Fix displaying of file details button for local syncfileitem activities ...
OPENSUSE-SU-2023:0090-1 Security update for nextcloud-desktop
This update for nextcloud-desktop fixes the following issues: nextcloud-desktop was updated to 3.8.0: - Resize WebView widget once the loginpage rendered - Feature/secure file drop - Check German translation for wrong wording - L10n: Correct word - Fix displaying of file details button for local...
OPENSUSE-SU-2023:0083-1 Security update for nextcloud
This update for nextcloud fixes the following issues: - Update to 23.0.12 See: https://nextcloud.com/changelog/latest23 - This also fix security issues: - CVE-2022-35931: Password Policy app could generate passwords that would be block boo1203190 - CVE-2022-39346: Missing length validation of use...
OPENSUSE-SU-2022:0089-1 Security update for nextcloud
This update for nextcloud fixes the following issues: nextcloud was updated to 21.0.9: - CVE-2021-41239 CWE-200: user enumeration setting not obeyed in User Status API boo1196905 - CVE-2021-41241 CWE-863: groupfolders advanced permissions is not obeyed for subfolders boo1196908 - CVE-2021-41741...
OPENSUSE-SU-2021:1602-1 Security update for nextcloud
This update for nextcloud fixes the following issues: Update to 20.0.14 Security issues fixed: CVE-2021-41179: Fix boo1192028 - CWE-304: Two-Factor Authentication not enforced for pages marked as public CVE-2021-41178: Fix boo1192030 - CWE-434: File Traversal affecting SVG files on Nextcloud Serv...
OPENSUSE-SU-2021:1255-1 Security update for nextcloud
This update for nextcloud fixes the following issues: Update to 20.0.12 Fix boo1190291 - CVE-2021-32766 CWE-209: Generation of Error Message Containing Sensitive Information - CVE-2021-32800 CWE-306: Missing Authentication for Critical Function - CVE-2021-32801 CWE-532: Insertion of Sensitive...
OPENSUSE-SU-2021:1253-1 Security update for nextcloud
This update for nextcloud fixes the following issues: Update to 20.0.12 Fix boo1190291 - CVE-2021-32766 CWE-209: Generation of Error Message Containing Sensitive Information - CVE-2021-32800 CWE-306: Missing Authentication for Critical Function - CVE-2021-32801 CWE-532: Insertion of Sensitive...
Security update for nextcloud (important)
openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2021:1253-1 Rating: important References: 1190291 Cross-References: CVE-2021-32766 CVE-2021-32800 CVE-2021-32801 CVE-2021-32802 CVSS scores: CVE-2021-32800 NVD : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N...
OPENSUSE-SU-2021:1068-1 Security update for nextcloud
This update for nextcloud fixes the following issues: nextcloud was updated to 20.0.11: - Fix boo1188247 - CVE-2021-32678: OCS API response ratelimits are not applied - Fix boo1188248 - CVE-2021-32679: filenames where not escaped by default in controllers using DownloadResponse - Fix boo1188249 -...
Nextcloud: Nextcloud update checks leaks information
Hi, I think this is more of a privacy concern than a security concern. However I wanted to check here first. Please direct me to an other suitable location if needed. It is in relation to https://github.com/nextcloud/server/blob/master/lib/private/Updater/VersionCheck.phpL78 This is sending sever...
OPENSUSE-SU-2021:0274-1 Security update for nextcloud
This update for nextcloud fixes the following issues: - nextcloud was upgraded to version 20.0.7 - CVE-2020-8294: Fixed a missing link validation boo1181803 - CVE-2020-8295: Fixed a denial of service attack boo1181804 - CVE-2020-8293: Fixed an input validation issue boo1181445 This update was...
OPENSUSE-SU-2020:0668-1 Security update for nextcloud
This update for nextcloud to 18.0.4 fixes the following issues: Security issues fixed: - CVE-2020-8154: Fixed an XSS vulnerability when opening malicious PDFs NC-SA-2020-018 boo1171579. - CVE-2020-8155: Fixed a direct object reference vulnerability that allowed attackers to remotely wipe devices ...
MGASA-2020-0099 Updated nextcloud packages fix security vulnerability
Updated nextcloud packages fix security vulnerability: A bug in Nextcloud Server causes the workflow rules to depend their behavior on the file extension when checking file mimetypes CVE-2019-15613. The nextcloud package has been updated to version 15.0.14, fixing this issue and other bugs...
MGASA-2018-0394 Updated nextcloud packages fix security vulnerability
Nextcloud has been updated to 13.0.6 and fixes at least the following security issue: A missing sanitization of search results for an autocomplete field could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could...
MGASA-2018-0226 Updated nextcloud packages fix security vulnerabilities and update version
Mageia 6 brings Nextcloud 11, which is not supported anymore upstream. This update brings version 12 with several security fixes. The database system is now in a separate package, so you will have to choose manually the one you are using...