Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-52507

Nextcloud Tables allows users to to create tables with individual columns. The information which Table (numeric ID) is shared with which groups and users and the respective permissions was not limited to affected users. It is recommended that the Nextcloud Tables app is upgraded to 0.8.1.

Published

2024-11-15T18:15:28.847

Last Modified

2025-10-01T18:11:17.353

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 3.5 (LOW)

Weaknesses

Type: Secondary
CWE-639

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	nextcloud	tables	< 0.8.1	Yes

References

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-rgvc-xr2w-qq45 Vendor Advisory ([email protected])
https://github.com/nextcloud/tables/commit/13ca45f1b9f70f694aea81b78bc7416ec840c332 Patch ([email protected])
https://github.com/nextcloud/tables/pull/1406 Issue Tracking ([email protected])
https://hackerone.com/reports/2705507 Issue Tracking ([email protected])