Security Advisories
Follow our security advisories via RSS .
ownCloud server
10.0.2
4.0.1
4.0.10
4.0.11
4.0.12
4.0.13
4.0.14
4.0.16
4.0.2
4.0.3
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.5.1
4.5.10
4.5.11
4.5.12
4.5.13
4.5.2
4.5.5
4.5.6
4.5.7
4.5.8
4.5.9
5.0.1
5.0.15
5.0.16
5.0.17
5.0.18
11/25/2014
Login bypass when using the external FTP user backend11/25/2014
Login bypass when using user_ldap due to unauthenticated binds
5.0.19
5.0.4
5.0.5
5.0.6
5.0.7
5.0.8
6.0.1
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
11/25/2014
ACLs not properly enforced in “documents” application11/25/2014
Bypass of shared files password protection in “documents” application11/25/2014
Login bypass when using the external FTP user backend11/25/2014
Login bypass when using user_ldap due to unauthenticated binds
6.0.7
6.0.8
6.0.9
7.0.12
7.0.14
7.0.3
11/25/2014
ACLs not properly enforced in “documents” application11/25/2014
Bypass of shared files password protection in “documents” application11/25/2014
Login bypass when using user_ldap due to unauthenticated binds
7.0.5
7.0.6
7.0.7
7.0.8
7.0.9
8.0.10
1/6/2016
Disclosure of files that begin with “.v” due to unchecked return value1/6/2016
Information Exposure Through Directory Listing in the file scanner
8.0.12
8.0.14
7/19/2016
Read-only share recipient can restore old versions of file7/19/2016
Edit permission check not enforced on WebDAV COPY action
8.0.4
8.0.5
8.0.6
8/25/2015
Calendar export: Authorization Bypass Through User-Controlled Key8/24/2015
Information Exposure Through Directory Listing in the file scanner
8.0.7
8.0.9
8.1.1
8/25/2015
Calendar export: Authorization Bypass Through User-Controlled Key8/24/2015
Information Exposure Through Directory Listing in the file scanner
8.1.11
8.1.2
8.1.4
8.1.5
1/6/2016
Disclosure of files that begin with “.v” due to unchecked return value1/6/2016
Information Exposure Through Directory Listing in the file scanner
8.1.7
8.1.9
7/19/2016
Read-only share recipient can restore old versions of file7/19/2016
Edit permission check not enforced on WebDAV COPY action7/19/2016
Log pollution can potentially lead to local HTML injection
8.2.2
1/6/2016
Disclosure of files that begin with “.v” due to unchecked return value1/6/2016
Information Exposure Through Directory Listing in the file scanner
8.2.4
8.2.6
8.2.7
7/19/2016
Read-only share recipient can restore old versions of file7/19/2016
Edit permission check not enforced on WebDAV COPY action7/19/2016
Log pollution can potentially lead to local HTML injection
8.2.9
9.0.2
9.0.3
9.0.4
7/19/2016
Read-only share recipient can restore old versions of file7/19/2016
Edit permission check not enforced on WebDAV COPY action7/19/2016
Log pollution can potentially lead to local HTML injection