Nextcloud End-To-End Encryption vulnerabilities
2 known vulnerabilities affecting nextcloud/end-to-end_encryption.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2023-35173MEDIUMCVSS 6.5≥ 1.12.0, < 1.12.42023-06-23
CVE-2023-35173 [MEDIUM] CWE-284 CVE-2023-35173: Nextcloud End-to-end encryption app provides all the necessary APIs to implement End-to-End encrypti
Nextcloud End-to-end encryption app provides all the necessary APIs to implement End-to-End encryption on the client side. By providing an invalid meta data file, an attacker can make previously dropped files inaccessible. It is recommended that the Nextcloud End-to-end encryption app is upgraded to version 1.12.4 that contains the fix.
nvd
CVE-2021-22906MEDIUMCVSS 6.5fixed in 1.5.3≥ 1.6.0, < 1.6.3+1 more2021-06-11
CVE-2021-22906 [MEDIUM] CWE-400 CVE-2021-22906: Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulne
Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulnerability due to permitting any authenticated users to lock files of other users.
nvd