CVE-2024-52515

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-52515
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-52515.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-52515
Aliases
  • GHSA-5m5g-hw8c-2236
Published
2024-11-15T17:03:09.033Z
Modified
2025-12-01T17:52:14.164483Z
Severity
  • 5.7 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
Summary
Nextcloud Server has incomplete sanitization of SVG files allows to embed other images into previews
Details

Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled SVG preview provider, a malicious user could upload a manipulated SVG file referencing paths. If the file would exist the preview of the SVG would preview the other file instead. It is recommended that the Nextcloud Server is upgraded to 27.1.10, 28.0.6 or 29.0.1 and Nextcloud Enterprise Server is upgraded to 24.0.12.15, 25.0.13.10, 26.0.13.4, 27.1.10, 28.0.6 or 29.0.1.

Database specific 
{
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/52xxx/CVE-2024-52515.json",
    "cwe_ids": [
        "CWE-706"
    ]
}
References

Affected packages

Git / github.com/nextcloud/server

Affected ranges

Type
GIT
Repo
https://github.com/nextcloud/server
Events
Introduced
36ae775aa7c9af22bf33645a2d8807206ec6c85f
Fixed
3bb0c9b012f0e87ccddd37e4782d3fb5ae2025a6
Database specific 
{
    "versions": [
        {
            "introduced": "29.0.0"
        },
        {
            "fixed": "29.0.1"
        }
    ]
}
Type
GIT
Repo
https://github.com/nextcloud/server
Events
Introduced
e15fcecaf0d382cebff924ec2b1f5319e130c0e8
Fixed
5481d81792b3eec0fddbb8bf56d78c1188519509
Database specific 
{
    "versions": [
        {
            "introduced": "28.0.0"
        },
        {
            "fixed": "28.0.6"
        }
    ]
}
Type
GIT
Repo
https://github.com/nextcloud/server
Events
Introduced
add4e4365a4040d2e4e6aa79c0d03c3edd78583c
Fixed
f7e1218ad98ab77de36edb7bd3ad3124d6e78ba9
Database specific 
{
    "versions": [
        {
            "introduced": "27.0.0"
        },
        {
            "fixed": "27.1.10"
        }
    ]
}

Affected versions

v27.*

v27.0.0
v27.0.1
v27.0.1rc1
v27.0.1rc2
v27.0.2
v27.0.2rc1
v27.1.0
v27.1.0beta2
v27.1.0beta3
v27.1.0rc1
v27.1.0rc2
v27.1.0rc3
v27.1.0rc4
v27.1.1
v27.1.10rc1
v27.1.10rc2
v27.1.2
v27.1.2rc1
v27.1.3
v27.1.3rc1
v27.1.3rc2
v27.1.4
v27.1.4rc1
v27.1.5
v27.1.5rc1
v27.1.6
v27.1.6rc1
v27.1.6rc2
v27.1.7
v27.1.7rc1
v27.1.7rc2
v27.1.8
v27.1.8rc1
v27.1.9
v27.1.9rc1

v28.*

v28.0.0
v28.0.1
v28.0.1rc1
v28.0.2
v28.0.2rc1
v28.0.2rc2
v28.0.2rc3
v28.0.2rc4
v28.0.2rc5
v28.0.3
v28.0.3rc1
v28.0.3rc2
v28.0.4
v28.0.4rc1
v28.0.5
v28.0.5rc1
v28.0.6rc1

v29.*

v29.0.0
v29.0.1rc1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-52515.json"