Nextcloud: >> Nextcloud Server >> 19.0.1 Security Vulnerabilities
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-11-09
A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files.
CVSS Score
4.1
EPSS Score
0.0
Published
2020-11-09
A wrong configuration in Nextcloud Server 19.0.1 incorrectly made the user feel the passwordless WebAuthn is also a two factor verification by asking for the PIN of the passwordless WebAuthn but not verifying it.
CVSS Score
6.8
EPSS Score
0.002
Published
2020-11-02
Page 6