Impact
What kind of vulnerability is it? Who is impacted?
OpenCloud exposes internal metadata folders in the spaces of an authenticated user due to a vulnerability in a sub package (reva). This can lead to unwanted ways of interaction with the data.
Patches
Has the problem been patched? What versions should users upgrade to?
Patched versions are stable 4.0.8 and 7.2.0 releases.
Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?
No.
References
Are there any links users can visit to find out more?
reva CVE GHSA-3v8c-738m-4gcj
Impact
What kind of vulnerability is it? Who is impacted?
OpenCloud exposes internal metadata folders in the spaces of an authenticated user due to a vulnerability in a sub package (reva). This can lead to unwanted ways of interaction with the data.
Patches
Has the problem been patched? What versions should users upgrade to?
Patched versions are stable 4.0.8 and 7.2.0 releases.
Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?
No.
References
Are there any links users can visit to find out more?
reva CVE GHSA-3v8c-738m-4gcj