CVE-2021-32725 - log back

CVE-2021-32725 edited at 13 Jul 2021 10:30:21
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
CVE-2021-32725 edited at 13 Jul 2021 10:30:06
Type
- Unknown
+ Access restriction bypass
Description
+ In Nextcloud Server versions prior to 21.0.3, default share permissions were not being respected for federated reshares of files and folders.
References
+ https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6f6v-h9x9-jj4v
+ https://hackerone.com/reports/1178320
+ https://github.com/nextcloud/server/pull/26946
+ https://github.com/nextcloud/server/commit/7ca8fd43a6fdbebd1c931ae09a94ab072ef6773e
Notes
CVE-2021-32725 created at 13 Jul 2021 10:25:17