Known Vulnerabilities
CVE-2020-8296
Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured.
UNKNOWN
Published Mar 03, 2021
CVE-2020-8295
A wrong check in Nextcloud Server 19 and prior allowed to perform a denial of service attack when resetting the password for a user.
UNKNOWN
Published Jan 26, 2021
CVE-2020-8259
Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the encryption keys.
UNKNOWN
Published Nov 16, 2020
CVE-2020-8152
Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the public key to decrypt them later on.
UNKNOWN
Published Nov 16, 2020