Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
High memory usage in Nextcloud server
Vulnerability Description
Nextcloud server is an open source, self hosted cloud style services platform. In affected versions an attacker can cause a denial of service by uploading specially crafted files which will cause the server to allocate too much memory / CPU. It is recommended that the Nextcloud Server is upgraded to 21.0.8 , 22.2.4 or 23.0.1. Users unable to upgrade should disable preview generation with the `'enable_previews'` config flag.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Nextcloud server 资源管理错误漏洞
Vulnerability Description
Nextcloud是德国Nextcloud公司的一套开源的自托管文件同步和共享的通信应用平台。 Nextcloud server 存在资源管理错误漏洞,攻击者可以通过上传特制文件来导致拒绝服务,这将导致服务器分配过多的内存/CPU。
CVSS Information
N/A
Vulnerability Type
N/A