CVE-2022-31132 - Vulnerability Details - OpenCVE

Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at `./vendor/cerdic/css-tidy/css_optimiser.php`

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Nextcloud	Mail

Configuration 1 [-]

OR	cpe:2.3:a:nextcloud:mail::::::::
	cpe:2.3:a:nextcloud:mail::::::::

No data.

References

Link	Providers
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh

History

Wed, 23 Apr 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-08-04T17:10:10.000Z

Updated: 2025-04-23T17:53:46.349Z

Reserved: 2022-05-18T00:00:00.000Z

Link: CVE-2022-31132

Vulnrichment

Updated: 2024-08-03T07:11:39.264Z

NVD

Status : Modified

Published: 2022-08-04T17:15:08.597

Modified: 2024-11-21T07:03:57.897

Link: CVE-2022-31132

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "security-advisories", "vendor": "nextcloud", "versions": [{"status": "affected", "version": "< 1.12.8"}, {"status": "affected", "version": ">= 1.13.0, < 1.13.6"}]}], "descriptions": [{"lang": "en", "value": "Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at `./vendor/cerdic/css-tidy/css_optimiser.php`"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-04T17:10:10.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh"}], "source": {"advisory": "GHSA-24pm-rjfv-23mh", "discovery": "UNKNOWN"}, "title": "Unauthenticated SSRF in 3rd party module \"cerdic/csstidy\"", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-31132", "STATE": "PUBLIC", "TITLE": "Unauthenticated SSRF in 3rd party module \"cerdic/csstidy\""}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "security-advisories", "version": {"version_data": [{"version_value": "< 1.12.8"}, {"version_value": ">= 1.13.0, < 1.13.6"}]}}]}, "vendor_name": "nextcloud"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at `./vendor/cerdic/css-tidy/css_optimiser.php`"}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-918: Server-Side Request Forgery (SSRF)"}]}]}, "references": {"reference_data": [{"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh", "refsource": "CONFIRM", "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh"}]}, "source": {"advisory": "GHSA-24pm-rjfv-23mh", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T07:11:39.264Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-23T15:52:23.389489Z", "id": "CVE-2022-31132", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-23T17:53:46.349Z"}}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-31132", "datePublished": "2022-08-04T17:10:10.000Z", "dateReserved": "2022-05-18T00:00:00.000Z", "dateUpdated": "2025-04-23T17:53:46.349Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T07:11:39.264Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-31132", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-23T15:52:23.389489Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-23T15:52:25.371Z"}}], "cna": {"title": "Unauthenticated SSRF in 3rd party module \"cerdic/csstidy\"", "source": {"advisory": "GHSA-24pm-rjfv-23mh", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "nextcloud", "product": "security-advisories", "versions": [{"status": "affected", "version": "< 1.12.8"}, {"status": "affected", "version": ">= 1.13.0, < 1.13.6"}]}], "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at `./vendor/cerdic/css-tidy/css_optimiser.php`"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2022-08-04T17:10:10.000Z"}, "x_legacyV4Record": {"impact": {"cvss": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, "source": {"advisory": "GHSA-24pm-rjfv-23mh", "discovery": "UNKNOWN"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "< 1.12.8"}, {"version_value": ">= 1.13.0, < 1.13.6"}]}, "product_name": "security-advisories"}]}, "vendor_name": "nextcloud"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh", "name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh", "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at `./vendor/cerdic/css-tidy/css_optimiser.php`"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-918: Server-Side Request Forgery (SSRF)"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-31132", "STATE": "PUBLIC", "TITLE": "Unauthenticated SSRF in 3rd party module \"cerdic/csstidy\"", "ASSIGNER": "security-advisories@github.com"}}}}, "cveMetadata": {"cveId": "CVE-2022-31132", "state": "PUBLISHED", "dateUpdated": "2025-04-23T17:53:46.349Z", "dateReserved": "2022-05-18T00:00:00.000Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2022-08-04T17:10:10.000Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*", "matchCriteriaId": "8DB5D385-A12E-4713-9A30-E6F4BFAA61FF", "versionEndExcluding": "1.12.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:nextcloud:mail:*:*:*:*:*:*:*:*", "matchCriteriaId": "91AE58DF-A00E-4106-B6E0-1B38E474375D", "versionEndExcluding": "1.13.6", "versionStartIncluding": "1.13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at `./vendor/cerdic/css-tidy/css_optimiser.php`"}, {"lang": "es", "value": "Nextcloud Mail es una aplicaci\u00f3n de correo electr\u00f3nico para el producto nextcloud personal cloud. Las versiones afectadas son enviadas con un minificador de CSS en la ruta \"./vendor/cerdic/css-tidy/css_optimiser.php\". El acceso al minificador no est\u00e1 restringido y puede conllevar a un ataque de tipo Server-Side Request Forgery (SSRF). Es recomendado actualizar a Mail versi\u00f3n 1.12.7 o Mail versi\u00f3n 1.13.6. Los usuarios que no puedan actualizar pueden eliminar manualmente el archivo ubicado en \"./vendor/cerdic/css-tidy/css_optimiser.php\""}], "id": "CVE-2022-31132", "lastModified": "2024-11-21T07:03:57.897", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.7, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-04T17:15:08.597", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Secondary"}]}