CVE-2017-0886

EPSS 1.2%CWE-674

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an error in the application logic an authenticated adversary may trigger an endless recursion in the application leading to a potential Denial of Service.

Affected products

Nextcloud · Nextcloud Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://hackerone.com/reports/174524 https://nextcloud.com/security/advisory/?id=nc-sa-2017-004