{
  "affected": [
    {
      "ranges": [
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "0"
              },
              {
                "fixed": "12.0.13"
              },
              {
                "introduced": "13.0.0"
              },
              {
                "fixed": "13.0.8"
              },
              {
                "introduced": "14.0.0"
              },
              {
                "fixed": "14.0.4"
              }
            ]
          },
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0b8b083f72a59210ca7bf7c8c2f3b3f93c1ca880"
            },
            {
              "introduced": "3b4285e13f6b1ec074b98466f49e189101f090bc"
            },
            {
              "fixed": "a966d7f9caeb3116024454ec44c45923ada85ad7"
            },
            {
              "introduced": "1b35dc1cbafe318933ba0c11212a9c3c6b787700"
            },
            {
              "fixed": "d25e8a774a30f78017acdc366a79460cebbb552f"
            }
          ],
          "repo": "https://github.com/nextcloud/server",
          "type": "GIT"
        }
      ]
    }
  ],
  "details": "Improper preservation of permissions in Nextcloud Server 14.0.3 causes the event details to be leaked when sharing a non-public event.",
  "id": "CVE-2020-8117",
  "modified": "2026-03-13T21:54:25.319749770Z",
  "published": "2020-02-04T20:15:13.543Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-013"
    },
    {
      "type": "REPORT",
      "url": "https://hackerone.com/reports/439828"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}