Vulnerabilities > Nextcloud > Nextcloud Server > 18.0.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-09 | CVE-2020-8150 | Missing Encryption of Sensitive Data vulnerability in Nextcloud Server A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files. | 4.1 |
| 2020-11-02 | CVE-2020-8236 | Improper Authentication vulnerability in Nextcloud Server A wrong configuration in Nextcloud Server 19.0.1 incorrectly made the user feel the passwordless WebAuthn is also a two factor verification by asking for the PIN of the passwordless WebAuthn but not verifying it. | 6.8 |
| 2020-11-02 | CVE-2020-8183 | Insufficiently Protected Credentials vulnerability in Nextcloud Server A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call. | 7.5 |
| 2020-11-02 | CVE-2020-8173 | Missing Encryption of Sensitive Data vulnerability in Nextcloud Server A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended. | 2.2 |