CVE-2015-5954
Publication date 21 October 2015
Last updated 24 July 2024
Ubuntu priority
The virtual filesystem in ownCloud Server before 6.0.9, 7.0.x before 7.0.7, and 8.0.x before 8.0.5 does not consider that NULL is a valid getPath return value, which allows remote authenticated users to bypass intended access restrictions and gain access to users files via a sharing link to a file with a deleted parent folder.
Status
Package | Ubuntu Release | Status |
---|---|---|
owncloud | ||
14.04 LTS trusty | Not in release | |