This page lists publicly disclosed CVE vulnerabilities affecting nextcloud end-to-end_encryption (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-35173 | Nextcloud End-to-end encryption app provides all the necessary APIs to implement End-to-End encryption on the client side. By providing an invalid meta data file, an attacker can make previously dropped files inaccessible. It is recommended that the Nextcloud End-to-end encryption app is upgraded to version 1.12.4 that contains the fix. | [email protected] | 5.7 | 0.18% | 2023-06-23 | 2024-11-21 |
| CVE-2021-22906 | Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulnerability due to permitting any authenticated users to lock files of other users. | [email protected] | 6.5 | 0.17% | 2021-06-11 | 2024-11-21 |