CVE-2021-32653

Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server versions prior to 19.0.11, 20.0.10, or 21.0.2 send user IDs to the lookup server even if the user has no fields set to published. The vulnerability is patched in versions 19.0.11, 20.0.10, and 21.0.2; no workarounds outside the updates are known to exist.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*

Information

Published : 2021-06-01 13:15

Updated : 2022-10-26 07:09


NVD link : CVE-2021-32653

Mitre link : CVE-2021-32653


JSON object : View

CWE
CWE-201

Insertion of Sensitive Information Into Sent Data

Advertisement

dedicated server usa

Products Affected

nextcloud

  • nextcloud_server