Latest security Vulnerabilities in ownCloud

Disclosure of Sensitive Credentials and Configuration in Containerized Deployments Description A vulnerability in the «graphapi» app exposes PHP environment configuration, potentially revealing sensitive data like admin passwords, mail server credentials, and license keys in containerized deployments. Disabling the app doesn’t mitigate the risk entirely, as the disclosed information extends beyond credentials. Affected Versions graphapi 0.2.0 – 0.3.0 Action Taken The removal of a specific file and disabling the phpinfo function