-
Notifications
You must be signed in to change notification settings - Fork 14
Security: nextcloud/security-advisories
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Malicious Android application can crash the Nextcloud Android ClientGHSA-h2gm-m374-99vc published
Jun 17, 2021 by LukasReschkeLow -
Malicious Android app could access Shared Preferences of the Nextcloud Android clientGHSA-25m9-cf6c-qf2c published
Jun 17, 2021 by LukasReschkeLow -
Nextcloud Talk not properly disassociating users from chats after account deletionGHSA-xv6f-344w-895c published
Jul 12, 2021 by LukasReschkeModerate -
Application specific tokens can change their own scopeGHSA-48m7-7r2r-838r published
Jul 12, 2021 by LukasReschkeHigh -
Audit log is not properly logging unsetting of share expiration dateGHSA-fxpq-wq7c-vppf published
Jul 12, 2021 by LukasReschkeLow -
Filenames not escaped by default in controllers using DownloadResponseGHSA-3hjp-26x8-mhf6 published
Jul 12, 2021 by LukasReschkeLow -
Ratelimit not applied on OCS API responsesGHSA-48rx-3gmf-g74j published
Jul 12, 2021 by LukasReschkeLow -
Sensitive data may not be removed from storage on account removalGHSA-g5gf-rmhm-wpxw published
Jun 8, 2021 by LukasReschkeLow -
Malicious user could break user administration pageGHSA-fx62-q47f-f665 published
Jun 1, 2021 by LukasReschkeLow -
Trusted servers exchange can be triggered by attackerGHSA-j875-vr2q-h6x6 published
Jun 1, 2021 by LukasReschkeModerate