Nextcloud Openid Connect User Backend — known CVE vulnerabilities
Every CVE whose affected-product data names Nextcloud Openid Connect User Backend, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-39339 — CVSS 4.3 (medium): user_oidc is an OpenID Connect user backend for Nextcloud. In versions prior to 1.2.1 sensitive information such as the OIDC client…
CVE-2022-39338 — CVSS 3.5 (low): user_oidc is an OpenID Connect user backend for Nextcloud. Versions prior to 1.2.1 did not properly validate discovery urls which may lead…