Description

Nextcloud server is an open source home cloud implementation. In releases of the 25.0.x branch before 25.0.3 an inefficient fetch operation may impact server performances and/or can lead to a denial of service. This issue has been addressed and it is recommended that the Nextcloud Server is upgraded to 25.0.3. There are no known workarounds for this vulnerability.

Related CPE's

a

nextcloud

nextcloud_server

*

*

*

*

enterprise

Vulnerable

References

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-9wmj-gp8v-477j

Vendor Advisory

https://github.com/nextcloud/server/pull/36016

Issue TrackingPatch

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-9wmj-gp8v-477j

Vendor Advisory

https://github.com/nextcloud/server/pull/36016

Issue TrackingPatch

Weaknesses

[email protected]

Secondary
CWE-400

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

5.7 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-03-30T17:15:06.687Z

2 years ago

Last modified

2024-11-21T06:55:43.710Z

1 year ago