Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-32074

user_oidc app is an OpenID Connect user backend for Nextcloud. Authentication can be broken/bypassed in user_oidc app. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.2

Published

2023-05-25T23:15:09.447

Last Modified

2024-11-21T08:02:39.623

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.0 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-307
  • Type: Primary
    CWE-307
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application nextcloud user_oidc < 1.3.2 Yes
References