PT-2022-37627 · Opensuse+4 · Nextcloud

Published

2022-03-23

·

Updated

2022-03-31

·

CVE-2021-41741

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
This update for nextcloud fixes the following issues:
nextcloud was updated to 21.0.9:
  • CVE-2021-41239 (CWE-200): user enumeration setting not obeyed in User Status API (boo#1196905)
  • CVE-2021-41241 (CWE-863): groupfolders advanced permissions is not obeyed for subfolders (boo#1196908)
  • CVE-2021-41741 (CWE-400): High memory usage for generating preview of broken image (boo#1196952)
  • For more changes see https://nextcloud.com/changelog/#21-0-9
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2021-41741
OPENSUSE-SU-2022:0089-1
OPENSUSE-SU-2022:0098-1

Affected Products

Nextcloud