https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 13 Jun 2026 04:32:43 +0000 https://vulnerability.circl.lu/sighting/092d5dd5-68e2-4e27-81fd-54207544d55b/export {"uuid": "092d5dd5-68e2-4e27-81fd-54207544d55b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39345", "type": "seen", "source": "https://t.me/cibsecurity/52046", "content": "\u203c CVE-2022-39345 \u203c\n\nGin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin prior to 2.5.4 is vulnerable to path traversal, which leads to file upload vulnerabilities. Version 2.5.4 contains a patch for this issue. There are no workarounds aside from upgrading to a patched version.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T20:40:41.000000Z"} {"uuid": "092d5dd5-68e2-4e27-81fd-54207544d55b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39345", "type": "seen", "source": "https://t.me/cibsecurity/52046", "content": "\u203c CVE-2022-39345 \u203c\n\nGin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin prior to 2.5.4 is vulnerable to path traversal, which leads to file upload vulnerabilities. Version 2.5.4 contains a patch for this issue. There are no workarounds aside from upgrading to a patched version.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T20:40:41.000000Z"} https://vulnerability.circl.lu/sighting/092d5dd5-68e2-4e27-81fd-54207544d55b/export Tue, 25 Oct 2022 20:40:41 +0000 https://vulnerability.circl.lu/sighting/97a8391f-216a-46a7-b9bc-4bfceca269a6/export {"uuid": "97a8391f-216a-46a7-b9bc-4bfceca269a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39340", "type": "seen", "source": "https://t.me/cibsecurity/52058", "content": "\u203c CVE-2022-39340 \u203c\n\nOpenFGA is an authorization/permission engine. Prior to version 0.2.4, the `streamed-list-objects` endpoint was not validating the authorization header, resulting in disclosure of objects in the store. Users `openfga/openfga` versions 0.2.3 and prior who are exposing the OpenFGA service to the internet are vulnerable. Version 0.2.4 contains a patch for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T20:40:59.000000Z"} {"uuid": "97a8391f-216a-46a7-b9bc-4bfceca269a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39340", "type": "seen", "source": "https://t.me/cibsecurity/52058", "content": "\u203c CVE-2022-39340 \u203c\n\nOpenFGA is an authorization/permission engine. Prior to version 0.2.4, the `streamed-list-objects` endpoint was not validating the authorization header, resulting in disclosure of objects in the store. Users `openfga/openfga` versions 0.2.3 and prior who are exposing the OpenFGA service to the internet are vulnerable. Version 0.2.4 contains a patch for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T20:40:59.000000Z"} https://vulnerability.circl.lu/sighting/97a8391f-216a-46a7-b9bc-4bfceca269a6/export Tue, 25 Oct 2022 20:40:59 +0000 https://vulnerability.circl.lu/sighting/1c65e9f6-2891-475f-a204-068ec9aa74c0/export {"uuid": "1c65e9f6-2891-475f-a204-068ec9aa74c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39348", "type": "seen", "source": "https://t.me/cibsecurity/52119", "content": "\u203c CVE-2022-39348 \u203c\n\nTwisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-27T01:14:36.000000Z"} {"uuid": "1c65e9f6-2891-475f-a204-068ec9aa74c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39348", "type": "seen", "source": "https://t.me/cibsecurity/52119", "content": "\u203c CVE-2022-39348 \u203c\n\nTwisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-27T01:14:36.000000Z"} https://vulnerability.circl.lu/sighting/1c65e9f6-2891-475f-a204-068ec9aa74c0/export Thu, 27 Oct 2022 01:14:36 +0000 https://vulnerability.circl.lu/sighting/0fbc387a-ba8e-4e6e-be73-af0c0e7b4ab5/export {"uuid": "0fbc387a-ba8e-4e6e-be73-af0c0e7b4ab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39344", "type": "seen", "source": "https://t.me/cibsecurity/52572", "content": "\u203c CVE-2022-39344 \u203c\n\nAzure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Prior to version 6.1.12, the USB DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of `ux_device_class_dfu_control_request` function prevents buffer overflow during handling of DFU UPLOAD command when current state is `UX_SYSTEM_DFU_STATE_DFU_IDLE`. This issue has been patched, please upgrade to version 6.1.12. As a workaround, add the `UPLOAD_LENGTH` check in all possible states.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-04T23:31:42.000000Z"} {"uuid": "0fbc387a-ba8e-4e6e-be73-af0c0e7b4ab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39344", "type": "seen", "source": "https://t.me/cibsecurity/52572", "content": "\u203c CVE-2022-39344 \u203c\n\nAzure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Prior to version 6.1.12, the USB DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of `ux_device_class_dfu_control_request` function prevents buffer overflow during handling of DFU UPLOAD command when current state is `UX_SYSTEM_DFU_STATE_DFU_IDLE`. This issue has been patched, please upgrade to version 6.1.12. As a workaround, add the `UPLOAD_LENGTH` check in all possible states.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-04T23:31:42.000000Z"} https://vulnerability.circl.lu/sighting/0fbc387a-ba8e-4e6e-be73-af0c0e7b4ab5/export Fri, 04 Nov 2022 23:31:42 +0000 https://vulnerability.circl.lu/sighting/0108d7c7-7d69-47f6-9efb-8c42c29aa30e/export {"uuid": "0108d7c7-7d69-47f6-9efb-8c42c29aa30e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39343", "type": "seen", "source": "https://t.me/cibsecurity/52617", "content": "\u203c CVE-2022-39343 \u203c\n\nAzure RTOS FileX is a FAT-compatible file system that\u00c3\u00a2\u00e2\u201a\u00ac\u00e2\u201e\u00a2s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a valid log file with correct ID and checksum is detected by the `_fx_fault_tolerant_enable` function an attempt to recover the previous failed write operation is taken by call of `_fx_fault_tolerant_apply_logs`. This function iterates through the log entries and performs required recovery operations. When properly crafted a log including entries of type `FX_FAULT_TOLERANT_DIR_LOG_TYPE` may be utilized to introduce unexpected behavior. This issue has been patched in version 6.2.0. A workaround to fix line 218 in fx_fault_tolerant_apply_logs.c is documented in the GHSA.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-08T12:34:58.000000Z"} {"uuid": "0108d7c7-7d69-47f6-9efb-8c42c29aa30e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39343", "type": "seen", "source": "https://t.me/cibsecurity/52617", "content": "\u203c CVE-2022-39343 \u203c\n\nAzure RTOS FileX is a FAT-compatible file system that\u00c3\u00a2\u00e2\u201a\u00ac\u00e2\u201e\u00a2s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a valid log file with correct ID and checksum is detected by the `_fx_fault_tolerant_enable` function an attempt to recover the previous failed write operation is taken by call of `_fx_fault_tolerant_apply_logs`. This function iterates through the log entries and performs required recovery operations. When properly crafted a log including entries of type `FX_FAULT_TOLERANT_DIR_LOG_TYPE` may be utilized to introduce unexpected behavior. This issue has been patched in version 6.2.0. A workaround to fix line 218 in fx_fault_tolerant_apply_logs.c is documented in the GHSA.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-08T12:34:58.000000Z"} https://vulnerability.circl.lu/sighting/0108d7c7-7d69-47f6-9efb-8c42c29aa30e/export Tue, 08 Nov 2022 12:34:58 +0000 https://vulnerability.circl.lu/sighting/b0c8f170-7f00-4f20-acf8-05451c4671b3/export {"uuid": "b0c8f170-7f00-4f20-acf8-05451c4671b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39347", "type": "seen", "source": "https://t.me/cibsecurity/53031", "content": "\u203c CVE-2022-39347 \u203c\n\nFreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing path canonicalization and base path check for `drive` channel. A malicious server can trick a FreeRDP based client to read files outside the shared directory. This issue has been addressed in version 2.9.0 and all users are advised to upgrade. Users unable to upgrade should not use the `/drive`, `/drives` or `+home-drive` redirection switch.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T07:26:18.000000Z"} {"uuid": "b0c8f170-7f00-4f20-acf8-05451c4671b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39347", "type": "seen", "source": "https://t.me/cibsecurity/53031", "content": "\u203c CVE-2022-39347 \u203c\n\nFreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing path canonicalization and base path check for `drive` channel. A malicious server can trick a FreeRDP based client to read files outside the shared directory. This issue has been addressed in version 2.9.0 and all users are advised to upgrade. Users unable to upgrade should not use the `/drive`, `/drives` or `+home-drive` redirection switch.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T07:26:18.000000Z"} https://vulnerability.circl.lu/sighting/b0c8f170-7f00-4f20-acf8-05451c4671b3/export Fri, 18 Nov 2022 07:26:18 +0000 https://vulnerability.circl.lu/sighting/1c72df25-c4c2-4f70-bab2-848b90000924/export {"uuid": "1c72df25-c4c2-4f70-bab2-848b90000924", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3934", "type": "seen", "source": "https://t.me/cibsecurity/54343", "content": "\u203c CVE-2022-3934 \u203c\n\nThe Flat PM WordPress plugin through 2.661 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-12T20:21:07.000000Z"} {"uuid": "1c72df25-c4c2-4f70-bab2-848b90000924", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3934", "type": "seen", "source": "https://t.me/cibsecurity/54343", "content": "\u203c CVE-2022-3934 \u203c\n\nThe Flat PM WordPress plugin through 2.661 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-12T20:21:07.000000Z"} https://vulnerability.circl.lu/sighting/1c72df25-c4c2-4f70-bab2-848b90000924/export Mon, 12 Dec 2022 20:21:07 +0000 https://vulnerability.circl.lu/sighting/54f4961b-215f-4202-bab4-bafbc07cf9df/export {"uuid": "54f4961b-215f-4202-bab4-bafbc07cf9df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39346", "type": "seen", "source": "https://t.me/kasraone_com/357", "content": "\ud83d\udd34CVE\n\nCVE-2022-39346\n\n\n\u0633\u0631\u0648\u0631 Nextcloud \u06cc\u06a9 \u0633\u0631\u0648\u0631 \u0627\u0628\u0631 \u0634\u062e\u0635\u06cc \u0645\u0646\u0628\u0639 \u0628\u0627\u0632 \u0627\u0633\u062a. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0633\u0631\u0648\u0631 nextcloud \u0628\u0647 \u062f\u0631\u0633\u062a\u06cc \u0646\u0627\u0645\u200c\u0647\u0627\u06cc \u0646\u0645\u0627\u06cc\u0634\u06cc \u06a9\u0627\u0631\u0628\u0631 \u0631\u0627 \u0645\u062d\u062f\u0648\u062f \u0646\u06a9\u0631\u062f\u0647\u200c\u0627\u0646\u062f \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0645\u062e\u0631\u0628 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u067e\u0627\u06cc\u06af\u0627\u0647 \u062f\u0627\u062f\u0647 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646 \u0631\u0627 \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u06a9\u0646\u0646\u062f \u0648 \u0628\u0627\u0639\u062b \u0627\u0646\u06a9\u0627\u0631 \u0633\u0631\u0648\u06cc\u0633 \u0634\u0648\u0646\u062f. \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0633\u0631\u0648\u0631 Nextcloud \u0628\u0647 22.2.10\u060c 23.0.7 \u06cc\u0627 24.0.3 \u0627\u0631\u062a\u0642\u0627 \u06cc\u0627\u0628\u062f. \u0647\u06cc\u0686 \u0631\u0627\u0647 \u062d\u0644 \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0627\u06cc \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u0645\u0634\u06a9\u0644 \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f.\n\n\ub125\uc2a4\ud2b8\ud074\ub77c\uc6b0\ub4dc \uc11c\ubc84\ub294 \uc624\ud508\uc18c\uc2a4 \uac1c\uc778 \ud074\ub77c\uc6b0\ub4dc \uc11c\ubc84\uc785\ub2c8\ub2e4. \uc601\ud5a5\uc744 \ubc1b\ub294 nextcloud \uc11c\ubc84 \ubc84\uc804\uc740 \uc0ac\uc6a9\uc790 \ud45c\uc2dc \uc774\ub984\uc744 \uc801\uc808\ud558\uac8c \uc81c\ud55c\ud558\uc9c0 \uc54a\uc544 \uc545\uc758\uc801\uc778 \uc0ac\uc6a9\uc790\uac00 \ubc31\uc5c5 \ub370\uc774\ud130\ubca0\uc774\uc2a4\uc5d0 \uacfc\ubd80\ud558\ub97c \uc77c\uc73c\ucf1c \uc11c\ube44\uc2a4 \uac70\ubd80\ub97c \uc720\ubc1c\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. Nextcloud Server\ub97c 22.2.10, 23.0.7 \ub610\ub294 24.0.3\uc73c\ub85c \uc5c5\uadf8\ub808\uc774\ub4dc\ud558\ub294 \uac83\uc774 \uc88b\uc2b5\ub2c8\ub2e4. \uc774 \ubb38\uc81c\uc5d0 \ub300\ud574 \uc54c\ub824\uc9c4 \ud574\uacb0 \ubc29\ubc95\uc740 \uc5c6\uc2b5\ub2c8\ub2e4.", "creation_timestamp": "2023-07-13T13:37:56.000000Z"} {"uuid": "54f4961b-215f-4202-bab4-bafbc07cf9df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39346", "type": "seen", "source": "https://t.me/kasraone_com/357", "content": "\ud83d\udd34CVE\n\nCVE-2022-39346\n\n\n\u0633\u0631\u0648\u0631 Nextcloud \u06cc\u06a9 \u0633\u0631\u0648\u0631 \u0627\u0628\u0631 \u0634\u062e\u0635\u06cc \u0645\u0646\u0628\u0639 \u0628\u0627\u0632 \u0627\u0633\u062a. \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0633\u0631\u0648\u0631 nextcloud \u0628\u0647 \u062f\u0631\u0633\u062a\u06cc \u0646\u0627\u0645\u200c\u0647\u0627\u06cc \u0646\u0645\u0627\u06cc\u0634\u06cc \u06a9\u0627\u0631\u0628\u0631 \u0631\u0627 \u0645\u062d\u062f\u0648\u062f \u0646\u06a9\u0631\u062f\u0647\u200c\u0627\u0646\u062f \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0645\u062e\u0631\u0628 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u067e\u0627\u06cc\u06af\u0627\u0647 \u062f\u0627\u062f\u0647 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646 \u0631\u0627 \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u06a9\u0646\u0646\u062f \u0648 \u0628\u0627\u0639\u062b \u0627\u0646\u06a9\u0627\u0631 \u0633\u0631\u0648\u06cc\u0633 \u0634\u0648\u0646\u062f. \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0633\u0631\u0648\u0631 Nextcloud \u0628\u0647 22.2.10\u060c 23.0.7 \u06cc\u0627 24.0.3 \u0627\u0631\u062a\u0642\u0627 \u06cc\u0627\u0628\u062f. \u0647\u06cc\u0686 \u0631\u0627\u0647 \u062d\u0644 \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0627\u06cc \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u0645\u0634\u06a9\u0644 \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f.\n\n\ub125\uc2a4\ud2b8\ud074\ub77c\uc6b0\ub4dc \uc11c\ubc84\ub294 \uc624\ud508\uc18c\uc2a4 \uac1c\uc778 \ud074\ub77c\uc6b0\ub4dc \uc11c\ubc84\uc785\ub2c8\ub2e4. \uc601\ud5a5\uc744 \ubc1b\ub294 nextcloud \uc11c\ubc84 \ubc84\uc804\uc740 \uc0ac\uc6a9\uc790 \ud45c\uc2dc \uc774\ub984\uc744 \uc801\uc808\ud558\uac8c \uc81c\ud55c\ud558\uc9c0 \uc54a\uc544 \uc545\uc758\uc801\uc778 \uc0ac\uc6a9\uc790\uac00 \ubc31\uc5c5 \ub370\uc774\ud130\ubca0\uc774\uc2a4\uc5d0 \uacfc\ubd80\ud558\ub97c \uc77c\uc73c\ucf1c \uc11c\ube44\uc2a4 \uac70\ubd80\ub97c \uc720\ubc1c\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. Nextcloud Server\ub97c 22.2.10, 23.0.7 \ub610\ub294 24.0.3\uc73c\ub85c \uc5c5\uadf8\ub808\uc774\ub4dc\ud558\ub294 \uac83\uc774 \uc88b\uc2b5\ub2c8\ub2e4. \uc774 \ubb38\uc81c\uc5d0 \ub300\ud574 \uc54c\ub824\uc9c4 \ud574\uacb0 \ubc29\ubc95\uc740 \uc5c6\uc2b5\ub2c8\ub2e4.", "creation_timestamp": "2023-07-13T13:37:56.000000Z"} https://vulnerability.circl.lu/sighting/54f4961b-215f-4202-bab4-bafbc07cf9df/export Thu, 13 Jul 2023 13:37:56 +0000