Bug 1181804 - (CVE-2020-8295) VUL-0: CVE-2020-8295: nextcloud: Denial of service attack when resetting the password for a user
(CVE-2020-8295)
VUL-0: CVE-2020-8295: nextcloud: Denial of service attack when resetting the ...
Status: NEW
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.2
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/276541/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-02-04 14:37 UTC by Alexandros Toptsoglou
Modified: 2021-07-21 01:19 UTC (History)
0 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 OBSbugzilla Bot 2021-02-04 16:20:17 UTC
This is an autogenerated message for OBS integration:
This bug (1181804) was mentioned in
https://build.opensuse.org/request/show/869493 15.2 / nextcloud
Comment 2 Swamp Workflow Management 2021-02-08 14:19:19 UTC
openSUSE-SU-2021:0262-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1181445,1181803,1181804
CVE References: CVE-2020-8293,CVE-2020-8294,CVE-2020-8295
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    nextcloud-20.0.7-lp152.3.6.1
Comment 3 Swamp Workflow Management 2021-02-11 20:27:08 UTC
openSUSE-SU-2021:0274-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1181445,1181803,1181804
CVE References: CVE-2020-8293,CVE-2020-8294,CVE-2020-8295
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP2 (src):    nextcloud-20.0.7-bp152.2.6.1
Comment 4 OBSbugzilla Bot 2021-07-13 13:10:14 UTC
This is an autogenerated message for OBS integration:
This bug (1181804) was mentioned in
https://build.opensuse.org/request/show/906122 15.2+Backports:SLE-12+Backports:SLE-15-SP1+Backports:SLE-15-SP2+Backports:SLE-15-SP3 / nextcloud
Comment 5 Swamp Workflow Management 2021-07-21 01:17:03 UTC
openSUSE-SU-2021:1068-1: An update that fixes 13 vulnerabilities is now available.

Category: security (important)
Bug References: 1181445,1181803,1181804,1188247,1188248,1188249,1188250,1188251,1188252,1188253,1188254,1188255,1188256
CVE References: CVE-2020-8293,CVE-2020-8294,CVE-2020-8295,CVE-2021-32678,CVE-2021-32679,CVE-2021-32680,CVE-2021-32688,CVE-2021-32703,CVE-2021-32705,CVE-2021-32725,CVE-2021-32726,CVE-2021-32734,CVE-2021-32741
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    nextcloud-20.0.11-lp152.3.9.1
openSUSE Backports SLE-15-SP3 (src):    nextcloud-20.0.11-bp153.2.3.1
openSUSE Backports SLE-15-SP2 (src):    nextcloud-20.0.11-bp152.2.9.1
openSUSE Backports SLE-15-SP1 (src):    nextcloud-20.0.11-bp151.3.15.1
Comment 6 Swamp Workflow Management 2021-07-21 01:19:29 UTC
openSUSE-SU-2021:1068-1: An update that fixes 13 vulnerabilities is now available.

Category: security (important)
Bug References: 1181445,1181803,1181804,1188247,1188248,1188249,1188250,1188251,1188252,1188253,1188254,1188255,1188256
CVE References: CVE-2020-8293,CVE-2020-8294,CVE-2020-8295,CVE-2021-32678,CVE-2021-32679,CVE-2021-32680,CVE-2021-32688,CVE-2021-32703,CVE-2021-32705,CVE-2021-32725,CVE-2021-32726,CVE-2021-32734,CVE-2021-32741
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    nextcloud-20.0.11-lp152.3.9.1
openSUSE Backports SLE-15-SP3 (src):    nextcloud-20.0.11-bp153.2.3.1
openSUSE Backports SLE-15-SP2 (src):    nextcloud-20.0.11-bp152.2.9.1
openSUSE Backports SLE-15-SP1 (src):    nextcloud-20.0.11-bp151.3.15.1
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    nextcloud-20.0.11-28.1