OwnCloud 10.9.0

CPE Details

OwnCloud 10.9.0
owncloud
owncloud
10.9.0
2022-06-30
11h05 +00:00
2022-06-30
11h06 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:owncloud:owncloud:10.9.0:*:*:*:*:*:*:*

Informations

Vendor

owncloud

Product

owncloud

Version

10.9.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-49105 2023-11-20 23h00 +00:00 An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted even when no signing-key is configured for the owner of the files. The earliest affected version is 10.6.0.
9.8
Critique
CVE-2022-43679 2022-11-09 23h00 +00:00 The Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the trusted_domains config useless. This could be abused to spoof the URL in password-reset e-mail messages.
5.3
Moyen
CVE-2022-31649 2022-06-08 22h51 +00:00 ownCloud owncloud/core before 10.10.0 Improperly Removes Sensitive Information Before Storage or Transfer.
7.5
Haute