CVE-2024-37315
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-37315
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-37315.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-37315
- Related
- Published
- 2024-06-14T16:15:11Z
- Modified
- 2025-07-01T16:03:25.405157Z
- Severity
-
- 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Nextcloud Server is a self hosted personal cloud system. An attacker with read-only access to a file is able to restore older versions of a document when the files_versions app is enabled. It is recommended that the Nextcloud Server is upgraded to 26.0.12, 27.1.7 or 28.0.3 and that the Nextcloud Enterprise Server is upgraded to 23.0.12.16, 24.0.12.12, 25.0.13.6, 26.0.12, 27.1.7 or 28.0.3.
- References
Affected packages
Git / github.com/nextcloud/server
Affected versions
v25.*
v25.0.0
v25.0.1
v25.0.10
v25.0.10rc1
v25.0.11
v25.0.11rc1
v25.0.12
v25.0.13rc1
v25.0.13rc2
v25.0.1rc1
v25.0.2
v25.0.2rc1
v25.0.2rc2
v25.0.2rc3
v25.0.3
v25.0.3rc1
v25.0.3rc2
v25.0.4
v25.0.4rc1
v25.0.5
v25.0.5rc1
v25.0.6
v25.0.6rc1
v25.0.7
v25.0.7rc1
v25.0.8
v25.0.8rc1
v25.0.8rc2
v25.0.9
v25.0.9rc1
v25.0.9rc2