Описание
Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.0, sensitive tokens, images, and user related details exist after deletion of a user account. This could result in misuse of the former account holder's information. Nextcloud Android version 3.19.0 contains a patch for this issue. There are no known workarounds available.
Ссылки
- Issue TrackingPatchThird Party Advisory
- Issue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.19.0 (исключая)
cpe:2.3:a:nextcloud:nextcloud:*:*:*:*:*:android:*:*
EPSS
Процентиль: 21%
0.0007
Низкий
2.8 Low
CVSS3
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-284
CWE-459
EPSS
Процентиль: 21%
0.0007
Низкий
2.8 Low
CVSS3
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-284
CWE-459