-
Notifications
You must be signed in to change notification settings - Fork 14
Security: nextcloud/security-advisories
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Can access comments and attachments of deleted cardsGHSA-x45g-vx69-r9m8 published
Jun 14, 2024 by nickvergessenModerate -
Can reshare read&share only folder with more permissionsGHSA-jjm3-j9xh-5xmq published
Jun 14, 2024 by nickvergessenModerate -
Notes app can be tricked into using a received share created before the user logged inGHSA-wfqv-cx85-7rjx published
Jun 14, 2024 by nickvergessenModerate -
ID4me does not validate signature or expirationGHSA-vw5h-29xf-g55g published
Jun 14, 2024 by nickvergessenModerate -
Missing permission check when removing a photo from an albumGHSA-9chh-5prm-wp43 published
Jun 14, 2024 by nickvergessenLow -
Event create can create attachments that link to other websitesGHSA-2r7q-vfmv-79qf published
Jun 14, 2024 by nickvergessenModerate -
Events information leaked with shared calendars on recurrence exceptionsGHSA-h4xv-cjpm-j595 published
Jun 14, 2024 by nickvergessenLow -
Read-only users can restore old versionsGHSA-5mq8-738w-5942 published
Jun 14, 2024 by nickvergessenLow -
Ability to by-pass second factorGHSA-9v72-9xv5-3p7c published
Jun 14, 2024 by nickvergessenHigh -
ID4me feature of OpenID connect app available even when disabledGHSA-vw7g-959g-vj6q published
Jun 14, 2024 by nickvergessenModerate