CVE-2025-58051 (GCVE-0-2025-58051)
Vulnerability from cvelistv5
Published
2025-10-16 16:48
Modified
2025-10-16 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-841 - Improper Enforcement of Behavioral Workflow
Summary
Nextcloud Tables allows you to create your own tables with individual columns. Prior 0.7.6, 0.8.8, and 0.9.5, when importing a table, a user was able to specify files on the server and when their format is supported by the used PhpSpreadsheet library they would be included and their content leaked to the user. It is recommended that the Nextcloud Tables app is upgraded to 0.7.6, 0.8.8 or 0.9.5.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| nextcloud | security-advisories |
Version: >= 0.7.0, < 0.7.6 Version: >= 0.8.0, < 0.8.8 Version: >= 0.9.0, < 0.9.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58051",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T18:03:43.989845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T18:13:19.134Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.7.0, \u003c 0.7.6"
},
{
"status": "affected",
"version": "\u003e= 0.8.0, \u003c 0.8.8"
},
{
"status": "affected",
"version": "\u003e= 0.9.0, \u003c 0.9.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud Tables allows you to create your own tables with individual columns. Prior 0.7.6, 0.8.8, and 0.9.5, when importing a table, a user was able to specify files on the server and when their format is supported by the used PhpSpreadsheet library they would be included and their content leaked to the user. It is recommended that the Nextcloud Tables app is upgraded to 0.7.6, 0.8.8 or 0.9.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-841",
"description": "CWE-841: Improper Enforcement of Behavioral Workflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T16:48:19.618Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wpp5-4w35-pxq6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wpp5-4w35-pxq6"
},
{
"name": "https://github.com/nextcloud/tables/pull/1936",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/tables/pull/1936"
},
{
"name": "https://hackerone.com/reports/3249624",
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/3249624"
}
],
"source": {
"advisory": "GHSA-wpp5-4w35-pxq6",
"discovery": "UNKNOWN"
},
"title": "Nextcloud Tables app allowed to include local file via PhpSpreadsheet when importing a table"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58051",
"datePublished": "2025-10-16T16:48:19.618Z",
"dateReserved": "2025-08-22T14:30:32.221Z",
"dateUpdated": "2025-10-16T18:13:19.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-58051\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-10-16T17:15:34.417\",\"lastModified\":\"2025-10-16T17:15:34.417\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Nextcloud Tables allows you to create your own tables with individual columns. Prior 0.7.6, 0.8.8, and 0.9.5, when importing a table, a user was able to specify files on the server and when their format is supported by the used PhpSpreadsheet library they would be included and their content leaked to the user. It is recommended that the Nextcloud Tables app is upgraded to 0.7.6, 0.8.8 or 0.9.5.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-841\"}]}],\"references\":[{\"url\":\"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wpp5-4w35-pxq6\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/nextcloud/tables/pull/1936\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://hackerone.com/reports/3249624\",\"source\":\"security-advisories@github.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-58051\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-16T18:03:43.989845Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-16T18:13:14.890Z\"}}], \"cna\": {\"title\": \"Nextcloud Tables app allowed to include local file via PhpSpreadsheet when importing a table\", \"source\": {\"advisory\": \"GHSA-wpp5-4w35-pxq6\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"nextcloud\", \"product\": \"security-advisories\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 0.7.0, \u003c 0.7.6\"}, {\"status\": \"affected\", \"version\": \"\u003e= 0.8.0, \u003c 0.8.8\"}, {\"status\": \"affected\", \"version\": \"\u003e= 0.9.0, \u003c 0.9.5\"}]}], \"references\": [{\"url\": \"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wpp5-4w35-pxq6\", \"name\": \"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wpp5-4w35-pxq6\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/nextcloud/tables/pull/1936\", \"name\": \"https://github.com/nextcloud/tables/pull/1936\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://hackerone.com/reports/3249624\", \"name\": \"https://hackerone.com/reports/3249624\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Nextcloud Tables allows you to create your own tables with individual columns. Prior 0.7.6, 0.8.8, and 0.9.5, when importing a table, a user was able to specify files on the server and when their format is supported by the used PhpSpreadsheet library they would be included and their content leaked to the user. It is recommended that the Nextcloud Tables app is upgraded to 0.7.6, 0.8.8 or 0.9.5.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-841\", \"description\": \"CWE-841: Improper Enforcement of Behavioral Workflow\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-10-16T16:48:19.618Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-58051\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-16T18:13:19.134Z\", \"dateReserved\": \"2025-08-22T14:30:32.221Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-10-16T16:48:19.618Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…