B42F97Eb69Dddcafe5Cc278

**Name of the Vulnerable Software and Affected Versions** Nextcloud Server versions prior to 9.0.55 Nextcloud Server versions prior to 10.0.2 **Description** The issue allows an authenticated adversary to create empty folders inside a shared folder, despite lacking the necessary permissions, due to a logical error in the file caching layer. This affects folders and files where the adversary has at least read-only permissions. **Recommendations** For Nextcloud Server versions prior to 9.0.55, update to version 9.0.55 or later. For Nextcloud Server versions prior to 10.0.2, update to version 10.0.2 or later.

**Name of the Vulnerable Software and Affected Versions** Nextcloud Server versions prior to 9.0.55 Nextcloud Server versions prior to 10.0.2 **Description** The issue allows an adversary with access to a write-only share to enumerate the names of existing files and subfolders by comparing exception messages, due to an error in the application logic. This error can disclose the existence of files in a write-only share. **Recommendations** For versions prior to 9.0.55, update to version 9.0.55 or later. For versions prior to 10.0.2, update to version 10.0.2 or later.