4.3
CVE-2025-66545
- EPSS 0.03%
- Veröffentlicht 05.12.2025 17:44:13
- Zuletzt bearbeitet 09.12.2025 19:10:33
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
Nextcloud Groupfolders provides admin-configured folders shared by everyone in a group or team. Prior to 14.0.11, 15.3.12, 16.0.15, 17.0.14, 18.1.8, 19.1.8, and 20.1.2, a user with read-only permission can restore a file from the trash bin. This vulnerability is fixed in 14.0.11, 15.3.12, 16.0.15, 17.0.14, 18.1.8, 19.1.8, and 20.1.2.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
Nextcloud ≫ Group Folders Version < 14.0.11
Nextcloud ≫ Group Folders Version >= 15.0.0 < 15.3.12
Nextcloud ≫ Group Folders Version >= 16.0.0 < 16.0.15
Nextcloud ≫ Group Folders Version >= 17.0.0 < 17.0.14
Nextcloud ≫ Group Folders Version >= 18.0.0 < 18.1.8
Nextcloud ≫ Group Folders Version >= 19.0.0 < 20.1.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.073 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
| security-advisories@github.com | 3.5 | 2.1 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
|
CWE-707 Improper Neutralization
The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.