CVE-2021-22906

Summary

Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulnerability due to permitting any authenticated users to lock files of other users.

Affected Software

VendorProductVersion RangeStatus
n/aNextcloud End-to-End EncryptionFixed in 1.5.3, 1.6.3, 1.7.1affected

Weaknesses

  • CWE-400: Denial of Service (CWE-400)

ADP Enrichment

CVE Program Container

Additional References

References