Nextcloud Richdocuments up to 3.8.3/4.2.0 OCS endpoint information disclosure

A vulnerability was found in Nextcloud Richdocuments up to 3.8.3/4.2.0 (Cloud Software). It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component OCS endpoint. Upgrading to version 3.8.4 or 4.2.1 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-22486 : IBM TIVOLI WORKLOAD SCHEDULER 9.4/9.5/10.1 XML EXTERNAL ENTITY REFERENCE

CVE-2022-22486 : IBM TIVOLI WORKLOAD SCHEDULER 9.4/9.5/10.1 XML EXTERNAL ENTITY REFERENCE

Description IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when

CVE-2023-24997 : APACHE INLONG UP TO 1.5.0 DESERIALIZATION

Description Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0.

CVE-2022-37708 : DOCKER 20.10.15 BUILD FD82621 PERMISSION

CVE-2022-37708 : DOCKER 20.10.15 BUILD FD82621 PERMISSION

Description Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users outside the Docker container can access any