Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.
{ "cpe": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*", "extracted_events": [ { "introduced": "11.0.0" }, { "fixed": "11.0.5" }, { "introduced": "12.0.0" }, { "fixed": "12.0.3" } ], "source": "CPE_RANGE" }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-3776.json"