vulnerability
FreeBSD: owncloud -- multiple vulnerabilities (Multiple CVEs)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:S/C:P/I:N/A:C) | Jan 8, 2016 | Feb 1, 2016 | Feb 18, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:C)
Published
Jan 8, 2016
Added
Feb 1, 2016
Modified
Feb 18, 2025
Description
ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php.
Solution
freebsd-upgrade-package-owncloud
References
- CVE-2016-1498
- https://attackerkb.com/topics/CVE-2016-1498
- CVE-2016-1499
- https://attackerkb.com/topics/CVE-2016-1499
- CVE-2016-1500
- https://attackerkb.com/topics/CVE-2016-1500
- URL-https://owncloud.org/blog/owncloud-8-2-2-8-1-5-8-0-10-and-7-0-12-here-with-sharing-ldap-fixes/
- URL-https://owncloud.org/security/advisory/?id=oc-sa-2016-001
- URL-https://owncloud.org/security/advisory/?id=oc-sa-2016-002
- URL-https://owncloud.org/security/advisory/?id=oc-sa-2016-003
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.