Vulnerability DatabaseCVE-2021-32801

CVE-2021-32801:
Linux openSUSE vulnerability analysis and mitigation

Overview

A vulnerability was identified in Nextcloud Server's Encryption-at-Rest functionality where exception logging could potentially expose sensitive key material. The issue affects Nextcloud Server versions prior to 20.0.12, 21.0.4, and 22.1.0 (GitHub Advisory).

Technical details

The vulnerability (CVE-2021-32801) is classified as CWE-532, which relates to information exposure through log files. The issue occurs when exceptions are logged, potentially resulting in the exposure of sensitive encryption key material used for Nextcloud's Encryption-at-Rest functionality (GitHub Advisory).

Impact

The vulnerability could lead to the exposure of sensitive encryption key material through log files, potentially compromising the security of the Encryption-at-Rest functionality. However, this only affects users who have implemented the Encryption-at-Rest feature (GitHub Advisory).

Mitigation and workarounds

The issue has been patched in Nextcloud Server versions 20.0.12, 21.0.4, and 22.1.0. Users are recommended to upgrade to these versions or newer. As a temporary workaround, users can disable logging, though this is not recommended as a long-term solution. Users not utilizing the Encryption-at-Rest functionality are not affected by this vulnerability (GitHub Advisory, GitHub PR).

Additional resources

Source: This report was generated using AI

Related Linux openSUSE vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-62291	HIGH	8.1	strongSwan	strongswan-doc	No	Yes	Jan 16, 2026
CVE-2026-0891	HIGH	8.1	Mozilla Firefox	rhel10::firefox-flatpak	No	Yes	Jan 13, 2026
CVE-2025-24528	HIGH	7.1	Kerberos	crypto-policies	No	Yes	Jan 16, 2026
CVE-2026-0890	MEDIUM	5.4	Mozilla Firefox	cpe:2.3:a:mozilla:firefox_esr	No	Yes	Jan 13, 2026
CVE-2025-43904	MEDIUM	4.2	Linux Debian	slurm_22_05-munge	No	Yes	Jan 16, 2026