A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NNextcloud Server
APPNextcloud19.0.1
π’
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Related vulnerabilities
CVE-2023-26482CRITICAL9.0ten sam produkt
Nextcloud server is an open source home cloud implementation. In affected versions a missing scope validation ...
CVE-2021-32802CRITICAL9.3ten sam produkt
Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews fo...
CVE-2021-22915CRITICAL9.8ten sam produkt
Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion...
CVE-2026-45281HIGH8.1ten sam produkt
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before...
CVE-2024-37313HIGH7.3ten sam produkt
Nextcloud server is a self hosted personal cloud system. Under some circumstance it was possible to bypass the...