-
Notifications
You must be signed in to change notification settings - Fork 13
Security: nextcloud/security-advisories
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Insecure temporary file creation, race with write access and permissionGHSA-q568-2933-gcjq published
May 16, 2025 by nickvergessenLow -
Test remote endpoint is not rate limitedGHSA-c7vq-m7f8-rx37 published
May 16, 2025 by nickvergessenModerate -
Bypass group folder quota limit using attachment in text fileGHSA-qqgg-hhfq-vhww published
May 16, 2025 by nickvergessenModerate -
Second factor not requested after session timeoutGHSA-9h3w-f3h4-qqrh published
May 16, 2025 by nickvergessenModerate -
3rdparty applications can create share links via socket APIGHSA-qm2f-959g-7p65 published
May 16, 2025 by nickvergessenModerate -
User password is available in memory of the PHP processGHSA-w7v5-mgxm-v6gm published
Nov 15, 2024 by nickvergessenLow -
Custom defined credentials of external storages are sent back to the frontendGHSA-42w6-r45m-9w9j published
Nov 15, 2024 by nickvergessenModerate -
Potential hash collision for background jobs could skip queuing themGHSA-2q6f-gjgj-7hp4 published
Nov 15, 2024 by nickvergessenLow -
Link reference provider can be tricked into downloading bigger files than intendedGHSA-pxqf-cfxw-mqmj published
Nov 15, 2024 by nickvergessenModerate -
OAuth2 client secrets were stored in a recoverable wayGHSA-fvpc-8hq6-jgq2 published
Nov 15, 2024 by nickvergessenLow