CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-25579 – Directory traversal in Nextcloud server
https://notcve.org/view.php?id=CVE-2023-25579
Nextcloud server is a self hosted home cloud product. In affected versions the `OC\Files\Node\Folder::getFullPath()` function was validating and normalizing the string in the wrong order. The function is used in the `newFile()` and `newFolder()` items, which may allow to creation of paths outside of ones own space and overwriting data from other users with crafted paths. This issue has been addressed in versions 25.0.2, 24.0.8, and 23.0.12. Users are advised to upgrade. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-273v-9h7x-p68v https://github.com/nextcloud/server/pull/35074 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1CVE-2023-25162 – Nextcloud Server vulnerable to SSRF via filter bypass due to lax checking on IPs
https://notcve.org/view.php?id=CVE-2023-25162
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to 24.0.8 and 23.0.12 and Nextcloud Enterprise server prior to 24.0.8 and 23.0.12 are vulnerable to server-side request forgery (SSRF). Attackers can leverage enclosed alphanumeric payloads to bypass IP filters and gain SSRF, which would allow an attacker to read crucial metadata if the server is hosted on the AWS platform. Nextcloud Server 24.0.8 and 23.0.2 and Nextcloud Enterprise Server 24.0.8 and 23.0.12 contain a patch for this issue. No known workarounds are available. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mqrx-grp7-244m https://github.com/nextcloud/server/pull/34160 https://hackerone.com/reports/1702864 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25161 – Nextcloud Server's missing rate limiting on password reset functionality allows sending lots of emails
https://notcve.org/view.php?id=CVE-2023-25161
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 25.0.1 24.0.8, and 23.0.12 missing rate limiting on password reset functionality. This could result in service slowdown, storage overflow, or cost impact when using external email services. Users should upgrade to Nextcloud Server 25.0.1, 24.0.8, or 23.0.12 or Nextcloud Enterprise Server 25.0.1, 24.0.8, or 23.0.12 to receive a patch. No known workarounds are available. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-492h-596q-xr2f https://github.com/nextcloud/server/pull/34632 https://hackerone.com/reports/1691195 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-39346 – Missing length validation of user displayname in nextcloud server
https://notcve.org/view.php?id=CVE-2022-39346
Nextcloud server is an open source personal cloud server. Affected versions of nextcloud server did not properly limit user display names which could allow a malicious users to overload the backing database and cause a denial of service. It is recommended that the Nextcloud Server is upgraded to 22.2.10, 23.0.7 or 24.0.3. There are no known workarounds for this issue. El servidor Nextcloud es un servidor en la nube personal de código abierto. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6w9f-jgjx-4vj6 https://github.com/nextcloud/server/pull/33052 https://hackerone.com/reports/1588562 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TARDPRPBTI5TJRBYRVVQGTL6KWRCV5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R32L3P53AQKQQC652LA5U3AWFTZKPDK3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRAER4DCCHHSUDFHQ6LTIH4JEJFF73IU • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2022-39364 – Exception logging in Sharepoint app reveals clear-text connection details
https://notcve.org/view.php?id=CVE-2022-39364
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server prior to versions 23.0.9 and 24.0.5 and Nextcloud Enterprise Server prior to versions 22.2.10.5, 23.0.9, and 24.0.5 an attacker reading `nextcloud.log` may gain knowledge of credentials to connect to a SharePoint service. Nextcloud Server versions 23.0.9 and 24.0.5 and Nextcloud Enterprise Server versions 22.2.10.5, 23.0.9, and 24.0.5 contain a patch for this issue. As a workaround, set `zend.exception_ignore_args = On` as an option in `php.ini`. Nextcloud Server es el software de servidor de archivos para Nextcloud, una plataforma de productividad autohospedada. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qpf5-jj85-36h5 https://github.com/nextcloud/server/pull/33689 https://github.com/nextcloud/sharepoint/issues/141 https://hackerone.com/reports/1652903 • CWE-312: Cleartext Storage of Sensitive Information •