CVE-2023-28643— Nextcloud 安全漏洞

Potential share collision for recipients when caching is enabled in nextcloud server

Nextcloud server is an open source home cloud implementation. In affected versions when a recipient receives 2 shares with the same name, while a memory cache is configured, the second share will replace the first one instead of being renamed to `{name} (2)`. It is recommended that the Nextcloud Server is upgraded to 25.0.3 or 24.0.9. Users unable to upgrade should avoid sharing 2 folders with the same name to the same user.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

使用不正确的解析名称或索引

Nextcloud 安全漏洞

Nextcloud是德国Nextcloud公司的一套开源的自托管文件同步和共享的通信应用平台。 Nextcloud serve存在安全漏洞，该漏洞源于启用缓存时收件人可能发生共享冲突。受影响的产品和版本：Nextcloud serve 24.0.9之前的24.0.x版本， 25.0.3之前的25.0.x版本。

N/A

N/A