Security Advisory

CVE-2022-41969

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-01 20:47:50

Last updated 2025-04-23 16:33:25

Assigner GitHub_M

State PUBLISHED

Description

Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.11, 24.0.7, and 25.0.0, there is no password length limit when creating a user as an administrator. An administrator can cause a limited DoS attack against their own server. Versions 23.0.11, 24.0.7, and 25.0.0 contain a fix for the issue. As a workaround, dont create user accounts with long passwords.

← Browse all CVEs View on cve.org ↗