Sjw

**Name of the Vulnerable Software and Affected Versions** Nextcloud server versions prior to 19.0.11 Nextcloud server versions prior to 20.0.10 Nextcloud server versions prior to 21.0.2 **Description** The issue is related to brute force attacks due to the lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protection. **Recommendations** For versions prior to 19.0.11, update to version 19.0.11 or later. For versions prior to 20.0.10, update to version 20.0.10 or later. For versions prior to 21.0.2, update to version 21.0.2 or later.