vulnerability
FreeBSD: owncloud -- multiple vulnerabilities (Multiple CVEs)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:S/C:P/I:N/A:C) | 2016-01-08 | 2016-02-01 | 2025-02-18 |
Severity
8
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:C)
Published
2016-01-08
Added
2016-02-01
Modified
2025-02-18
Description
ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php.
Solution
freebsd-upgrade-package-owncloud
References
- CVE-2016-1498
- https://attackerkb.com/topics/CVE-2016-1498
- CVE-2016-1499
- https://attackerkb.com/topics/CVE-2016-1499
- CVE-2016-1500
- https://attackerkb.com/topics/CVE-2016-1500
- URL-https://owncloud.org/blog/owncloud-8-2-2-8-1-5-8-0-10-and-7-0-12-here-with-sharing-ldap-fixes/
- URL-https://owncloud.org/security/advisory/?id=oc-sa-2016-001
- URL-https://owncloud.org/security/advisory/?id=oc-sa-2016-002
- URL-https://owncloud.org/security/advisory/?id=oc-sa-2016-003
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.