CPE-D353E243-5935-4C03-8C9F-395F8EB9EA7C Détail

CPE Details

ownCloud 10.7.0

Vendor

owncloud

Product

owncloud

Version

10.7.0

Created

2021-04-09
16h43 +00:00

Modifié

2021-05-19
13h25 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:owncloud:owncloud:10.7.0:-::::::

Informations

Vendor

owncloud

Product

owncloud

Version

10.7.0

Update

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2023-49105	2023-11-20 23h00 +00:00	An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted even when no signing-key is configured for the owner of the files. The earliest affected version is 10.6.0.	9.8	Critique
CVE-2022-43679	2022-11-09 23h00 +00:00	The Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the trusted_domains config useless. This could be abused to spoof the URL in password-reset e-mail messages.	5.3	Moyen
CVE-2022-31649	2022-06-08 22h51 +00:00	ownCloud owncloud/core before 10.10.0 Improperly Removes Sensitive Information Before Storage or Transfer.	7.5	Haute
CVE-2021-35948	2021-09-07 17h08 +00:00	Session fixation on password protected public links in the ownCloud Server before 10.8.0 allows an attacker to bypass the password protection when they can force a target client to use a controlled cookie.	5.4	Moyen
CVE-2021-35946	2021-09-07 17h04 +00:00	A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions.	9.8	Critique
CVE-2021-35949	2021-09-07 16h59 +00:00	The shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the permission checks for upload only shares and list metadata about the share.	5.3	Moyen
CVE-2021-35947	2021-09-07 16h49 +00:00	The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL.	5.3	Moyen
CVE-2021-29659	2021-05-20 10h46 +00:00	ownCloud 10.7 has an incorrect access control vulnerability, leading to remote information disclosure. Due to a bug in the related API endpoint, the attacker can enumerate all users in a single request by entering three whitespaces. Secondary, the retrieval of all users on a large instance could cause higher than average load on the instance.	6.5	Moyen

ownCloud 10.7.0

CPE Details

CPE Name: cpe:2.3:a:owncloud:owncloud:10.7.0:-:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:a:owncloud:owncloud:10.7.0:-::::::