Explore top 10 tips to secure your open-source projects now. Read More
×
CVE-2022-39331
An attacker can inject arbitrary HyperText Markup Language into
the Desktop Client application in the notifications.
CVE-2022-39332
An attacker can inject arbitrary HyperText Markup Language into
the Desktop Client application via user status and information.
CVE-2022-39333
An attacker can inject arbitrary HyperText Markup Language into
the Desktop Client application.
CVE-2022-39334
A CLI utility called nextcloudcmd which is sometimes used for
automated scripting and headless servers would incorrectly trust
invalid TLS certificates, which may enable a Man-in-the-middle
attack that exposes sensitive data or credentials to a network
attacker.
CVE-2023-28997
A malicious server administrator can recover and modify the
contents of end-to-end encrypted files.
For Debian 11 bullseye, these problems have been fixed in version
3.1.1-2+deb11u2.
For Debian 11 bullseye, these problems have been fixed in version
3.1.1-2+deb11u2.
Get the latest Linux and open source security news straight to your inbox.