CVE-2016-1499

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-1499
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-1499.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-1499
Downstream
Published
2016-01-08T21:59:07.953Z
Modified
2026-04-16T06:22:31.302847514Z
Severity
  • 8.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H CVSS Calculator
Summary
[none]
Details

ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php.

References

Affected packages

Git / github.com/owncloud/core

Affected ranges

Type
GIT
Repo
https://github.com/owncloud/core
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
258496c951d5a25662eae780f360c9a1e2171b44
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
8ee2009de36e01a9866404f07722892f84c16e3e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
8f71705c2ec73d396ff8178f088661c3a20988b0
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
06ec916b1128b9a1ec79751bdd78cc4a8c64ace8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ca66a705ec59cce1ac60c2fb92ec543e296c23f9
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
015323c1cb239ab242ff43183fd2edb8e3103025
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
aca9fce93f5b586e52d4416658105ef2657d9dcb
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0.9"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.2.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.2.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.1.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.1.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.1.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.1.4"
        }
    ]
}

Affected versions

v1.*
v1.0.0beta1
v3.*
v3.0
v4.*
v4.0.0
v4.0.0RC
v4.0.0RC2
v4.0.0beta
v4.0.1
v4.0.4
v4.0.5
v4.0.6
v4.5.0
v4.5.0RC1
v4.5.0RC2
v4.5.0RC3
v4.5.0beta3
v4.5.0beta4
v5.*
v5.0.0
v5.0.0RC1
v5.0.0RC2
v5.0.0RC3
v5.0.0alpha1
v5.0.0beta1
v5.0.0beta2
v6.*
v6.0.0RC1
v6.0.0RC2
v6.0.0alpha2
v6.0.0beta2
v6.0.0beta3
v6.0.0beta4
v6.0.0beta5
v7.*
v7.0.0alpha2
v7.0.0beta1
v8.*
v8.0.0
v8.0.0RC1
v8.0.0RC2
v8.0.0alpha1
v8.0.0alpha2
v8.0.0beta1
v8.0.0beta2
v8.0.1
v8.0.1RC1
v8.0.2
v8.0.3
v8.0.3RC1
v8.0.3RC2
v8.0.3RC3
v8.0.3RC4
v8.0.4
v8.0.4RC1
v8.0.4RC2
v8.0.5
v8.0.5RC1
v8.0.5beta
v8.0.6
v8.0.6RC1
v8.0.6beta1
v8.0.7
v8.0.7RC1
v8.0.8
v8.0.9
v8.0.9RC1
v8.0.9RC2
v8.1.0
v8.1.0alpha1
v8.1.0alpha2
v8.1.0beta1
v8.1.0beta2
v8.1.1
v8.1.1RC1
v8.1.1beta
v8.1.1beta1
v8.1.2
v8.1.2RC1
v8.1.3
v8.1.4
v8.1.4RC1
v8.1.4RC2
v8.1RC2
v8.2.0
v8.2.1
v8.2.1RC1
v8.2.1RC2
v8.2.1RC3
v8.2.1RC4
v8.2RC1
v8.2RC2
v8.2RC3
v8.2beta1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-1499.json"