CVE-2019-15621

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-15621

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-15621.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2019-15621

Downstream

openSUSE-SU-2020:0220-1

openSUSE-SU-2020:0229-1

Related

Published

2020-02-04T20:15:12.527Z

Modified

2025-11-14T09:16:50.822398Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link.

References

Affected packages

Git / github.com/nextcloud/server

Affected ranges

Type: GIT
Repo: https://github.com/nextcloud/server
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e877a7ec027854315ec58bdbc3ccb77d5e89b76a

Affected versions

14.*

14.0.2RC1

Other

list

v1.*

v1.0.0beta1

v1.0RC1

v1.1

v11.*

v11.0.0

v11.0RC2

v12.*

v12.0.0beta1

v12.0.0beta2

v12.0.0beta3

v12.0.0beta4

v13.*

v13.0.0RC1

v13.0.0beta1

v13.0.0beta2

v13.0.0beta3

v13.0.0beta4

v14.*

v14.0.0

v14.0.0RC1

v14.0.0RC2

v14.0.0beta1

v14.0.0beta2

v14.0.0beta3

v14.0.0beta4

v14.0.1

v14.0.10

v14.0.11

v14.0.11RC1

v14.0.12

v14.0.13RC1

v14.0.1RC1

v14.0.2

v14.0.2RC1

v14.0.2RC2

v14.0.3

v14.0.4

v14.0.4RC1

v14.0.4RC2

v14.0.5

v14.0.5RC1

v14.0.5RC2

v14.0.6

v14.0.7

v14.0.7RC1

v14.0.8

v14.0.8RC1

v14.0.8RC2

v14.0.9

v14.0.9RC1

v2.*

v2.0beta3

v3.*

v3.0

v3.0RC1

v3.0alpha1

v4.*

v4.0.0

v4.0.0RC

v4.0.0RC2

v4.0.0beta

v4.0.1

v4.0.3

v4.0.4

v4.0.5

v4.0.6

v4.5.0

v4.5.0RC1

v4.5.0RC2

v4.5.0RC3

v4.5.0beta1

v4.5.0beta2

v4.5.0beta3

v4.5.0beta4

v5.*

v5.0.0

v5.0.0RC1

v5.0.0RC2

v5.0.0RC3

v5.0.0alpha1

v5.0.0beta1

v5.0.0beta2

v6.*

v6.0.0RC1

v6.0.0RC2

v6.0.0alpha2

v6.0.0beta2

v6.0.0beta3

v6.0.0beta4

v6.0.0beta5

v7.*

v7.0.0alpha2

v7.0.0beta1

v8.*

v8.0.0

v8.0.0RC1

v8.0.0RC2

v8.0.0alpha1

v8.0.0alpha2

v8.0.0beta1

v8.0.0beta2

v8.1.0alpha1

v8.1.0alpha2

v8.1.0beta1

v8.1.0beta2

v8.1RC2

v8.2RC1

v8.2beta1

v9.*

v9.0.0beta2

v9.0.1beta2

v9.0beta1

v9.1.0beta1

v9.1.0beta2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-15621.json"