nextcloud (SUSE:Package Hub 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 package nextcloud, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2019-15613 — CVSS 8.0 (high): A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.
CVE-2019-15621 — CVSS 6.5 (medium): Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the…
CVE-2019-15623 — CVSS 5.3 (medium): Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup…
CVE-2020-8118 — CVSS 5.0 (medium): An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new…
CVE-2019-15624 — CVSS 4.9 (medium): Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.
CVE-2020-8119 — CVSS 4.3 (medium): Improper authorization in Nextcloud server 17.0.0 causes leaking of previews and files when a file-drop share link is opened via the…