logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2022-39334

Description

Nextcloud desktop is the desktop sync client for Nextcloud. Versions prior to 3.6.1 would incorrectly trust invalid TLS certificates. A Man-in-the-middle attack is possible in case a user can be made running a nextcloudcmd CLI command locally. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this vulnerability.


Affected Software


CPE Name Name Version
nextcloud:desktop nextcloud desktop 3.6.1

Related