End To End Encryption
Approved changes feed: RSS · Atom
cpe:2.3:a:nextcloud:end-to-end_encryption:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Nextcloud (e5ae4298-6932-564f-a40d-08cebea039a5) |
|---|---|
| Product | End To End Encryption (5e6936af-73e8-53c5-b50d-9a225bc6c25b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/nextcloud/end_to_end_encryption |
purl2cpe | 2026-06-01 10:17:58.899425 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-35173 |
vulnerable | 2026-06-03 14:52:17.924832 |
End-to-End encrypted file-drops can be made inaccessible
MEDIUM (5.7)
Nextcloud End-to-end encryption app provides all the necessary APIs to implement End-to-End encryption on the client side. By providing an invalid meta data file, an attacker can make previously dropped files inaccessible. It is recommended that the Nextcloud End-to-end encryption app is upgraded to version 1.12.4 that contains the fix.
Published: 2023-06-23T20:50:15.948Z
Updated: 2024-08-02T16:23:59.642Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-22906 |
vulnerable | 2026-06-03 14:43:54.246608 |
Details available
Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulnerability due to permitting any authenticated users to lock files of other users.
Published: 2021-06-11T15:49:39.000Z
Updated: 2024-08-03T18:58:25.587Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.