CVE-2022-35931

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-35931

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-35931.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-35931

Related

GHSA-c7mw-9q4r-8qwr
openSUSE-SU-2023:0083-1

Published

2022-09-06T18:15:15Z

Modified

2025-02-19T03:28:06.358173Z

Downstream

openSUSE-SU-2023:0083-1

Severity

2.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords. Prior to versions 22.2.10, 23.0.7, and 24.0.3 the random password generator may, in very rare cases, generate common passwords that the validator itself would block. Upgrade Nextcloud Server to 22.2.10, 23.0.7 or 24.0.3 to receive a patch for the issue in Password Policy. There are no known workarounds available.

References

Affected packages

Git / github.com/nextcloud/password_policy

Affected ranges

Type: GIT
Repo: https://github.com/nextcloud/password_policy
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

08a98af639d52f94a66cfda19c4c1f6c6582a85f

Affected versions

22.*

22.1.0

v11.*

v11.0.0

v11.0RC2

v12.*

v12.0.0

v12.0.0RC1

v12.0.0RC2

v12.0.0RC3

v12.0.0beta1

v12.0.0beta2

v12.0.0beta3

v12.0.0beta4

v13.*

v13.0.0RC1

v13.0.0beta1

v13.0.0beta2

v13.0.0beta3

v13.0.0beta4

v14.*

v14.0.0RC1

v14.0.0RC2

v14.0.0beta1

v14.0.0beta2

v14.0.0beta3

v14.0.0beta4

v15.*

v15.0.0RC1

v15.0.0beta1

v15.0.0beta2

v16.*

v16.0.0RC1

v16.0.0alpha1

v16.0.0beta1

v16.0.0beta2

v16.0.0beta3

v17.*

v17.0.0beta1

v17.0.0beta2

v17.0.0beta3

v17.0.0beta4

v18.*

v18.0.0

v18.0.0RC1

v18.0.0RC2

v18.0.0beta1

v18.0.0beta2

v18.0.0beta3

v18.0.0beta4

v19.*

v19.0.0RC1

v19.0.0RC2

v19.0.0beta1

v19.0.0beta2

v19.0.0beta3

v19.0.0beta4

v19.0.0beta5

v19.0.0beta6

v19.0.0beta7

v20.*

v20.0.0RC1

v20.0.0beta1

v20.0.0beta2

v20.0.0beta3

v20.0.0beta4

v21.*

v21.0.0RC1

v21.0.0beta1

v21.0.0beta2

v21.0.0beta3

v21.0.0beta4

v21.0.0beta5

v21.0.0beta6

v21.0.0beta7

v21.0.0beta8

v22.*

v22.0.0

v22.0.0beta1

v22.0.0beta2

v22.0.0beta3

v22.0.0beta4

v22.0.0beta5

v22.0.0rc1

v22.0.0rc2

v22.1.0

v22.1.0rc1

v22.1.1

v22.1.1rc1

v22.1.1rc2

v22.2.0

v22.2.0rc2

v22.2.1

v22.2.1rc1

v22.2.2

v22.2.3

v22.2.4

v22.2.4rc1

v22.2.4rc2

v22.2.4rc3

v22.2.5

v22.2.5rc1

v22.2.6

v22.2.6rc1

v22.2.6rc2

v22.2.7

v22.2.7rc1

v22.2.8

v22.2.8rc1

v22.2.9

v22.2.9rc1