CVE-2017-9286
Summary
The packaging of NextCloud in openSUSE used /srv/www/htdocs in an unsafe manner, which could have allowed scripts running as wwwrun user to escalate privileges to root during nextcloud package upgrade.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- LOW
- HIGH
- HIGH
References
Advisory Timeline
- Published