CVE-2023-45148

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-45148
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-45148.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-45148
Related
  • GHSA-xmhp-7vr4-hp63
Published
2023-10-16T19:15:10Z
Modified
2025-01-08T09:47:08.120256Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
Summary
[none]
Details

Nextcloud is an open source home cloud server. When Memcached is used as memcache.distributed the rate limiting in Nextcloud Server could be reset unexpectedly resetting the rate count earlier than intended. Users are advised to upgrade to versions 25.0.11, 26.0.6 or 27.1.0. Users unable to upgrade should change their config setting memcache.distributed to \OC\Memcache\Redis and install Redis instead of Memcached.

References

Affected packages

Git / github.com/nextcloud/server

Affected ranges

Type
GIT
Repo
https://github.com/nextcloud/server
Events

Affected versions

v26.*

v26.0.0
v26.0.1
v26.0.1rc1
v26.0.2
v26.0.2rc1
v26.0.3
v26.0.3rc1
v26.0.3rc2
v26.0.4
v26.0.4rc1
v26.0.4rc2
v26.0.5
v26.0.5rc1
v26.0.6rc1