Vulnerability DatabaseCVE-2019-15613

CVE-2019-15613:
Linux openSUSE vulnerability analysis and mitigation

Overview

A bug was discovered in Nextcloud Server 17.0.1 that affects workflow rules, causing them to depend their behavior on file extensions when checking file mimetypes. The vulnerability was assigned CVE-2019-15613 and was addressed in the security advisory NC-SA-2020-002 (NVD, OpenSUSE).

Technical details

The vulnerability affects the workflow rules functionality in Nextcloud Server 17.0.1, specifically impacting how the system handles file mimetype checking. The issue was later fixed in Nextcloud version 15.0.14 as part of a security update (OpenSUSE).

Impact

The vulnerability could potentially lead to incorrect workflow rule execution based on file extensions rather than actual file types, which might result in improper file handling or security policy enforcement (NVD).

Mitigation and workarounds

The vulnerability was addressed in Nextcloud version 15.0.14. System administrators are advised to upgrade to this version or later. The fix was included in security updates for various distributions, including openSUSE and SUSE Linux Enterprise (OpenSUSE).

Additional resources

Source: This report was generated using AI

Related Linux openSUSE vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-62291	HIGH	8.1	strongSwan	strongswan	No	Yes	Jan 16, 2026
CVE-2026-0891	HIGH	8.1	Mozilla Firefox	firefox	No	Yes	Jan 13, 2026
CVE-2025-24528	HIGH	7.1	Kerberos	krb5-pkinit-openssl	No	Yes	Jan 16, 2026
CVE-2026-0890	MEDIUM	5.4	Mozilla Firefox	cpe:2.3:a:mozilla:firefox_esr	No	Yes	Jan 13, 2026
CVE-2025-43904	MEDIUM	4.2	Linux Debian	libnss_slurm2_24_11	No	Yes	Jan 16, 2026