(In reply to Eric Schirra from comment #1) > Are you sure that this is relevant for openSUSE? > I read in cve that this issue is only in 19.0.0 > So, in Tumbleweed is version 20 (20.0.0) and in Leap is 18 (18.0.4). According to upstream, Nextcloud Server < 18.0.7 is affected: https://nextcloud.com/security/advisory/?id=NC-SA-2020-029