Nextcloud Server 27.1.9

CPE Details

Nextcloud Server 27.1.9
nextcloud
nextcloud_server
27.1.9
2024-08-01
14h45 +00:00
2024-08-01
14h45 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:nextcloud:nextcloud_server:27.1.9:*:*:*:-:*:*:*

Informations

Vendor

nextcloud

Product

nextcloud_server

Version

27.1.9

Software Edition

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-37887 2024-06-14 15h48 +00:00 Nextcloud Server is a self hosted personal cloud system. Private shared calendar events' recurrence exceptions can be read by sharees. It is recommended that the Nextcloud Server is upgraded to 27.1.10 or 28.0.6 or 29.0.1 and that the Nextcloud Enterprise Server is upgraded to 27.1.10 or 28.0.6 or 29.0.1.
3.5
Bas
CVE-2024-22403 2024-01-18 20h03 +00:00 Nextcloud server is a self hosted personal cloud system. In affected versions OAuth codes did not expire. When an attacker would get access to an authorization code they could authenticate at any time using the code. As of version 28.0.0 OAuth codes are invalidated after 10 minutes and will no longer be authenticated. To exploit this vulnerability an attacker would need to intercept an OAuth code from a user session. It is recommended that the Nextcloud Server is upgraded to 28.0.0. There are no known workarounds for this vulnerability.
3.7
Bas