Nextcloud Server Security Vulnerabilities and Issues — Nextcloud Server CVE List

Lucene search

NextcloudNextcloud Server

3 matches found

CVE•added 2022/12/01 9:15 p.m.•78 views

CVE-2022-41969

Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.11, 24.0.7, and 25.0.0, there is no password length limit when creating a user as an administrator. An administrator can cause a limited DoS attack against their own server. Versions 23.0.11, 24.0.7, and 25.0.0 contain...

2.7CVSS3.5AI score0.00058EPSS

CVE•added 2022/12/01 9:15 p.m.•64 views

CVE-2022-41970

Nextcloud Server is an open source personal cloud server. Prior to versions 24.0.7 and 25.0.1, disabled download shares still allow download through preview images. Images could be downloaded and previews of documents (first page) can be downloaded without being watermarked. Versions 24.0.7 and 25....

5.3CVSS4.4AI score0.0012EPSS

CVE•added 2022/12/01 9:15 p.m.•55 views

CVE-2022-41968

Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.10 and 24.0.5, calendar name lengths are not validated before writing to a database. As a result, an attacker can send unnecessary amounts of data against the database. Version 23.0.10 and 24.0.5 contain patches for th...

5.3CVSS4.5AI score0.00089EPSS