---

CVE-2021-32725 - log back

CVE-2021-32725 edited at 13 Jul 2021 10:30:21
Severity	- Unknown + Low
Remote	- Unknown + Remote

CVE-2021-32725 edited at 13 Jul 2021 10:30:06
Type	- Unknown + Access restriction bypass
Description	+ In Nextcloud Server versions prior to 21.0.3, default share permissions were not being respected for federated reshares of files and folders.
References	+ https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6f6v-h9x9-jj4v + https://hackerone.com/reports/1178320 + https://github.com/nextcloud/server/pull/26946 + https://github.com/nextcloud/server/commit/7ca8fd43a6fdbebd1c931ae09a94ab072ef6773e
Notes

CVE-2021-32725 created at 13 Jul 2021 10:25:17