CVE-2020-8227

Опубликовано: 21 авг. 2020

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 7.1

CVSS3: 6.8

Описание

Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory.

Релиз	Статус	Примечание
bionic	DNE
devel	not-affected	3.0.1-3
esm-apps/focal	needs-triage
esm-apps/jammy	not-affected	3.0.1-3
esm-apps/noble	not-affected	3.0.1-3
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage
groovy	ignored	end of life
hirsute	not-affected	3.0.1-3
impish	not-affected	3.0.1-3

Показывать по

Ссылки на источники

EPSS

Процентиль: 89%

0.04677

Низкий

7.1 High

CVSS2

6.8 Medium

CVSS3

Связанные уязвимости

CVE-2020-8227

CVSS3: 6.8

nvd

больше 5 лет назад

Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory.

CVE-2020-8227

CVSS3: 6.8

debian

больше 5 лет назад

Missing sanitization of a server response in Nextcloud Desktop Client ...

GHSA-64gg-6m36-39px

CVSS3: 6.8

github

больше 3 лет назад

Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory.

EPSS

Процентиль: 89%

0.04677

Низкий

7.1 High

CVSS2

6.8 Medium

CVSS3

CVE-2020-8227

Описание

Пакет nextcloud-desktop

Ссылки на источники

Связанные уязвимости