CVE-2022-29243

CVE-2022-29243

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.7 and 23.0.4, missing input-size validation of new session names allows users to create app passwords with long names. These long names are then loaded into memory on usage, resulting in impacted performance. Versions 22.2.7 and 23.0.4 contain a fix for this issue. There are currently no known workarounds available.

Source: CVE-2022-29243

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다