Nextcloud Security-Advisories vulnerabilities

CVE-2023-32074 [CRITICAL] CWE-307 CVE-2023-32074: user_oidc app is an OpenID Connect user backend for Nextcloud. Authentication can be broken/bypassed user_oidc app is an OpenID Connect user backend for Nextcloud. Authentication can be broken/bypassed in user_oidc app. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.2

CVE-2023-28847 [HIGH] CWE-307 CVE-2023-28847: Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server 24.0.0 prior to 24.0.11 and 25.0.0 prior to 25.0.5; as well as Nextcloud Server Enterprise 23.0.0 prior to 23.0.12.6, 24.0.0 prior to 24.0.11, and 25.0.0 prior to 25.0.5; an attacker is not restricted in verifying passwords of share link

CVE-2023-30539 [HIGH] CWE-284 CVE-2023-30539: Nextcloud is a personal home server system. Depending on the set up tags and other workflows this is Nextcloud is a personal home server system. Depending on the set up tags and other workflows this issue can be used to limit access of others or being able to grant them access when there are system tag based files access control or files retention rules. It is recommended that the Nextcloud Server is upgraded to 24.0.11 or 25.0.5, the Nextcloud Enter

CVE-2023-30540 [MEDIUM] CWE-200 CVE-2023-30540: Nextcloud Talk is a chat, video & audio call extension for Nextcloud. In affected versions a user th Nextcloud Talk is a chat, video & audio call extension for Nextcloud. In affected versions a user that was added later to a conversation can use this information to get access to data that was deleted before they were added to the conversation. This issue has been patched in version 15.0.5 and it is recommended that users upgrad to 15.0.5. There are

CVE-2023-28997 [MEDIUM] CWE-323 CVE-2023-28997: The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with ver The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can recover and modify the contents of end-to-end encrypted files. Users should upgrade the Nextcloud Desktop client to 3.6.5 to receive a patch. No known workarounds are availabl

CVE-2023-29000 [MEDIUM] CWE-295 CVE-2023-29000: The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with ver The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.7.0, by trusting that the server will return a certificate that belongs to the keypair of the user, a malicious server could get the desktop client to encrypt files with a key known to the attacker. This issue is fixe

CVE-2023-28999 [MEDIUM] CWE-325 CVE-2023-28999: Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Ne Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure and add new files.​ This is

CVE-2023-28848 [MEDIUM] CWE-352 CVE-2023-28848: user_oidc is the OIDC connect user backend for Nextcloud, an open source collaboration platform. A v user_oidc is the OIDC connect user backend for Nextcloud, an open source collaboration platform. A vulnerability in versions 1.0.0 until 1.3.0 effectively allowed an attacker to bypass the state protection as they could just copy the expected state token from the first request to their second request. Users should upgrade user_oidc to 1.3.0 to recei

CVE-2023-28998 [MEDIUM] CWE-325 CVE-2023-28998: The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with ver The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure, and add new files.​ Users should upgrade the Nextcloud Desktop client

CVE-2023-28834 [MEDIUM] CWE-212 CVE-2023-28834: Nextcloud Server is an open source personal cloud server. Nextcloud Server 24.0.0 until 24.0.6 and 2 Nextcloud Server is an open source personal cloud server. Nextcloud Server 24.0.0 until 24.0.6 and 25.0.0 until 25.0.4, as well as Nextcloud Enterprise Server 23.0.0 until 23.0.11, 24.0.0 until 24.0.6, and 25.0.0 until 25.0.4, have an information disclosure vulnerability. A user was able to get the full data directory path of the Nextcloud server fr

CVE-2023-28645 [MEDIUM] CWE-284 CVE-2023-28645: Nextcloud richdocuments is a Nextcloud app integrating the office suit Collabora Online. In affected Nextcloud richdocuments is a Nextcloud app integrating the office suit Collabora Online. In affected versions the secure view feature of the rich documents app can be bypassed by using unprotected internal API endpoint of the rich documents app. It is recommended that the Nextcloud Office app (richdocuments) is upgraded to 8.0.0-beta.1, 7.0.2 or 6.3

CVE-2023-28844 [MEDIUM] CWE-284 CVE-2023-28844: Nextcloud server is an open source home cloud implementation. In affected versions users that should Nextcloud server is an open source home cloud implementation. In affected versions users that should not be able to download a file can still download an older version and use that for uncontrolled distribution. This issue has been addressed in versions 24.0.10 and 25.0.4. Users are advised to upgrade. There are no known workarounds for this vulnera

CVE-2023-28845 [LOW] CWE-284 CVE-2023-28845: Nextcloud talk is a video & audio conferencing app for Nextcloud. In affected versions the talk app Nextcloud talk is a video & audio conferencing app for Nextcloud. In affected versions the talk app does not properly filter access to a conversations member list. As a result an attacker could use this vulnerability to gain information about the members of a Talk conversation, even if they themselves are not members. It is recommended that the Nextclou

CVE-2023-26482 [HIGH] CWE-78 CVE-2023-26482: Nextcloud server is an open source home cloud implementation. In affected versions a missing scope v Nextcloud server is an open source home cloud implementation. In affected versions a missing scope validation allowed users to create workflows which are designed to be only available for administrators. Some workflows are designed to be RCE by invoking defined scripts, in order to generate PDFs, invoking webhooks or running scripts on the server. Due

CVE-2023-28644 [HIGH] CWE-400 CVE-2023-28644: Nextcloud server is an open source home cloud implementation. In releases of the 25.0.x branch befor Nextcloud server is an open source home cloud implementation. In releases of the 25.0.x branch before 25.0.3 an inefficient fetch operation may impact server performances and/or can lead to a denial of service. This issue has been addressed and it is recommended that the Nextcloud Server is upgraded to 25.0.3. There are no known workarounds for this v

CVE-2023-28643 [HIGH] CWE-706 CVE-2023-28643: Nextcloud server is an open source home cloud implementation. In affected versions when a recipient Nextcloud server is an open source home cloud implementation. In affected versions when a recipient receives 2 shares with the same name, while a memory cache is configured, the second share will replace the first one instead of being renamed to `{name} (2)`. It is recommended that the Nextcloud Server is upgraded to 25.0.3 or 24.0.9. Users unable to u

CVE-2023-28835 [HIGH] CWE-338 CVE-2023-28835: Nextcloud server is an open source home cloud implementation. In affected versions the generated fal Nextcloud server is an open source home cloud implementation. In affected versions the generated fallback password when creating a share was using a weak complexity random number generator, so when the sharer did not change it the password could be guessable to an attacker willing to brute force it. It is recommended that the Nextcloud Server is upgra

CVE-2023-28833 [HIGH] CWE-22 CVE-2023-28833: Nextcloud server is an open source home cloud implementation. In affected versions admins of a serve Nextcloud server is an open source home cloud implementation. In affected versions admins of a server were able to upload a logo or a favicon and to provided a file name which was not restricted and could overwrite files in the appdata directory. Administrators may have access to overwrite these files by other means but this method could be exploited b

CVE-2023-28647 [MEDIUM] CWE-281 CVE-2023-28647: Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In ve Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app and bypass the Nextcloud pin/password protection and gain access to a users files. It is recommended that the Next

CVE-2023-28646 [LOW] CWE-281 CVE-2023-28646: Nextcloud android is an android app for interfacing with the nextcloud home server ecosystem. In ver Nextcloud android is an android app for interfacing with the nextcloud home server ecosystem. In versions from 3.7.0 and before 3.24.1 an attacker that has access to the unlocked physical device can bypass the Nextcloud Android Pin/passcode protection via a thirdparty app. This allows to see meta information like sharer, sharees and activity of files.