---

CVE-2021-32734 - log back

CVE-2021-32734 edited at 13 Jul 2021 10:36:34
Severity	- Unknown + Low
Remote	- Unknown + Remote

CVE-2021-32734 edited at 13 Jul 2021 10:36:18
Type	- Unknown + Information disclosure
Description	+ In Nextcloud Server versions prior to 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. As a workaround, one may disable the Nextcloud Text application in Nextcloud Server app settings.
References	+ https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6hf5-c2c4-2526 + https://hackerone.com/reports/1246721 + https://github.com/nextcloud/text/pull/1695 + https://github.com/nextcloud/text/commit/6ea959f10039b5b1a79ca5e68eb0a5926f7ae257
Notes

CVE-2021-32734 created at 13 Jul 2021 10:25:17