-
Notifications
You must be signed in to change notification settings - Fork 13
Security: nextcloud/security-advisories
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Users can make external storage mount points inaccessible for other usersGHSA-f962-hw26-g267 published
Nov 21, 2023 by nickvergessenHigh -
Require strict cookies for image proxy requestsGHSA-8j9x-fmww-qr37 published
Oct 16, 2023 by nickvergessenModerate -
OAuth2 client_secret stored in plain text in the databaseGHSA-hhgv-jcg9-p4m9 published
Oct 16, 2023 by nickvergessenModerate -
Inviting excessive long email addresses to a calendar event makes the server unresponsiveGHSA-r936-8gwm-w452 published
Oct 16, 2023 by nickvergessenModerate -
Password of talk conversations can be bruteforcedGHSA-7rf8-pqmj-rpqv published
Oct 16, 2023 by nickvergessenModerate -
Rate limiter not working reliable when Memcached is installedGHSA-xmhp-7vr4-hp63 published
Oct 16, 2023 by nickvergessenModerate -
Missing password confirmation when creating app passwordsGHSA-j4qm-5q5x-54m5 published
Aug 10, 2023 by nickvergessenHigh -
Text does not respect "Allow download" permissionsGHSA-qhgm-w4gx-gvgp published
Aug 10, 2023 by nickvergessenLow -
Improper restriction of excessive authentication attempts on WebDAV endpointGHSA-2hrc-5fgp-c9c9 published
Oct 13, 2023 by nickvergessenModerate -
Existance of calendars and addressbooks can be checked by unauthenticated usersGHSA-g97r-8ffm-hfpj published
Aug 10, 2023 by nickvergessenLow