Lucene search
SuseOPENSUSE-SU-2018:1924-1HistoryJul 11, 2018 - 9:07 p.m.
Security update for nextcloud (moderate)
2018-07-1121:07:57
lists.opensuse.org
55
EPSS
0.002
Percentile
57.4%
This update for nextcloud fixes the following issues:
Security issues fixed:
- CVE-2018-3761: Fix improper authentication on the OAuth2 token endpoint
(bsc#1100344). - CVE-2018-3762: Fix improper checks of dropped permissions for incoming
shares allowing a user to still request previews for files it should not
have access to (bsc#1100343).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.0 | noarch | nextcloud | < 13.0.4-lp150.2.3.1 | nextcloud-13.0.4-lp150.2.3.1.noarch.rpm |
| openSUSE Leap | 42.3 | noarch | nextcloud | < 13.0.4-9.1 | nextcloud-13.0.4-9.1.noarch.rpm |
Related
openvas
openvas
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2018:1924-1)
2018-07-12 00:00:00
nessus
nessus
openSUSE Security Update : nextcloud (openSUSE-2019-511)
2019-03-27 00:00:00
openSUSE Security Update : nextcloud (openSUSE-2018-712)
2018-07-12 00:00:00
redhatcve
redhatcve
CVE-2018-3761
2022-05-20 23:29:36
hackerone
hackerone
Nextcloud: OAuth2 Access Token and App Password Security Vulnerability
2018-04-25 17:03:37
Nextcloud: File access control rules not enforced on image files
2018-05-28 15:24:21
cve
cve
CVE-2018-3761
2018-07-05 16:29:00
CVE-2018-3762
2018-07-05 16:29:00
osv
osv
CVE-2018-3761
2018-07-05 16:29:00
CVE-2018-3762
2018-07-05 16:29:00
cvelist
cvelist
CVE-2018-3761
2018-07-05 16:00:00
CVE-2018-3762
2018-07-05 16:00:00
nextcloud
nextcloud
Improper validation on OAuth2 token endpoint (NC-SA-2018-003)
2018-06-21 00:00:00
File access control rules not applied to image previews (NC-SA-2018-002)
2018-06-21 00:00:00
prion
prion
Authentication flaw
2018-07-05 16:29:00
Input validation
2018-07-05 16:29:00
nvd
nvd
CVE-2018-3761
2018-07-05 16:29:00
CVE-2018-3762
2018-07-05 16:29:00