CVE-2023-35173

Published
View on NVD ↗
CVSS v3
5.7
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

Nextcloud End-to-end encryption app provides all the necessary APIs to implement End-to-End encryption on the client side. By providing an invalid meta data file, an attacker can make previously dropped files inaccessible. It is recommended that the Nextcloud End-to-end encryption app is upgraded to version 1.12.4 that contains the fix.

nextcloud/security-advisories
nextcloud/security-advisories
👮 Security advisories of Nextcloud
GitHubGitHub
75
nextcloud/end_to_end_encryption
nextcloud/end_to_end_encryption
:closed_lock_with_key: Server API to support End-to-End Encryption
GitHubGitHub
315