CVE-2021-32653

LOW Year: 2021
CVSS v3 Score
2.7
Low
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-201
View all →

Vulnerability Description

Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server versions prior to 19.0.11, 20.0.10, or 21.0.2 send user IDs to the lookup server even if the user has no fields set to published. The vulnerability is patched in versions 19.0.11, 20.0.10, and 21.0.2; no workarounds outside the updates are known to exist.

Related Vulnerabilities

CVE-2022-45428

LOW
CVSS:2.7(Low)

Some Dahua software products have a vulnerability of sensitive information leakage. After obtaining the permissions of administrators, by sending a specific crafted packet to the vulnerable interface,...

CWE-2012022

CVE-2023-3299

LOW
CVSS:2.7(Low)

HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11.

CWE-2012023

CVE-2024-38372

LOW
CVSS:2.0(Low)

Undici is an HTTP/1.1 client, written from scratch for Node.js. Depending on network and process conditions of a `fetch()` request, `response.arrayBuffer()` might include portion of memory from the No...

CWE-2012024

CVE-2020-13597

LOW
CVSS:3.5(Low)

Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with suffici...

CWE-2012020

CVE-2025-48219

LOW
CVSS:3.5(Low)

O2 UK before 2025-05-19 allows subscribers to determine the Cell ID of other subscribers by initiating an IMS (IP Multimedia Subsystem) call and then reading the utran-cell-id-3gpp field of a Cellular...

CWE-2012025

CVE-2024-46665

LOW
CVSS:3.7(Low)

An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounti...

CWE-2012024