CVE-2022-39212 Last video frame is still sent after video is disabled in a call in Nextcloud Talk

Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. In affected versions an attacker could see the last video frame of any participant who has video disabled but a camera selected. It is recommended that the Nextcloud Talk app is upgraded to 13.0.8 or...

CVE-2022-39212 Last video frame is still sent after video is disabled in a call in Nextcloud Talk

Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. In affected versions an attacker could see the last video frame of any participant who has video disabled but a camera selected. It is recommended that the Nextcloud Talk app is upgraded to 13.0.8 or...

CVE-2022-39212

Nextcloud Talk vulnerability CVE-2022-39212: in affected versions, the last video frame of a participant can be disclosed when the camera is selected but the video is disabled. This is a client-side issue in Nextcloud Talk (chat/video calls) that allows viewing the last frame of other participant...

CVE-2022-39212 Last video frame is still sent after video is disabled in a call in Nextcloud Talk

Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. In affected versions an attacker could see the last video frame of any participant who has video disabled but a camera selected. It is recommended that the Nextcloud Talk app is upgraded to 13.0.8 or...

CVE-2022-39211

Nextcloud server is an open source personal cloud platform. In affected versions it was found that locally running webservices can be found and requested erroneously. It is recommended that the Nextcloud Server is upgraded to 23.0.8 or 24.0.4. It is recommended that the Nextcloud Enterprise Serve...

Design/Logic Flaw

Nextcloud server is an open source personal cloud platform. In affected versions it was found that locally running webservices can be found and requested erroneously. It is recommended that the Nextcloud Server is upgraded to 23.0.8 or 24.0.4. It is recommended that the Nextcloud Enterprise Serve...

CVE-2022-39210 Access to internal files of the Nextcloud Android app

Nextcloud android is the official Android client for the Nextcloud home server platform. Internal paths to the Nextcloud Android app files are not properly protected. As a result access to internal files of the from within the Nextcloud Android app is possible. This may lead to a leak of sensitiv...

CVE-2022-39210 Access to internal files of the Nextcloud Android app

Nextcloud android is the official Android client for the Nextcloud home server platform. Internal paths to the Nextcloud Android app files are not properly protected. As a result access to internal files of the from within the Nextcloud Android app is possible. This may lead to a leak of sensitiv...

CVE-2022-39210

The CVE-2022-39210 entry concerns the Nextcloud Android client (com.nextcloud.client). The issue is a path-traversal/access to internal files, arising from inadequately protected internal app file paths, enabling potential leakage of sensitive information from within the app. Affected behavior is...

CVE-2022-39210 Access to internal files of the Nextcloud Android app

Nextcloud android is the official Android client for the Nextcloud home server platform. Internal paths to the Nextcloud Android app files are not properly protected. As a result access to internal files of the from within the Nextcloud Android app is possible. This may lead to a leak of sensitiv...

CVE-2022-39211 Server-Side Request Forgery (SSRF) via potential filter bypass in Nextcloud Server

Nextcloud server is an open source personal cloud platform. In affected versions it was found that locally running webservices can be found and requested erroneously. It is recommended that the Nextcloud Server is upgraded to 23.0.8 or 24.0.4. It is recommended that the Nextcloud Enterprise Serve...

CVE-2022-39211 Server-Side Request Forgery (SSRF) via potential filter bypass in Nextcloud Server

Nextcloud server is an open source personal cloud platform. In affected versions it was found that locally running webservices can be found and requested erroneously. It is recommended that the Nextcloud Server is upgraded to 23.0.8 or 24.0.4. It is recommended that the Nextcloud Enterprise Serve...

CVE-2022-39211

CVE-2022-39211 corresponds to a Server-Side Request Forgery (SSRF) in Nextcloud Server caused by a filter/domain-check bypass that allows locally running web services to be discovered and requested. Affected versions include Nextcloud Server prior to 23.0.8 and 24.0.4, and Nextcloud Enterprise Se...

CVE-2022-39211 Server-Side Request Forgery (SSRF) via potential filter bypass in Nextcloud Server

Nextcloud server is an open source personal cloud platform. In affected versions it was found that locally running webservices can be found and requested erroneously. It is recommended that the Nextcloud Server is upgraded to 23.0.8 or 24.0.4. It is recommended that the Nextcloud Enterprise Serve...

Last video frame is still sent after video is disabled in a call

None...

Server-Side Request Forgery (SSRF) via potential filter bypass with too lax local domain checking

None...

Access to internal files of the Nextcloud Android app from within the Nextcloud Android app

None...

Nextcloud 代码问题漏洞

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platforms from Nextcloud, Germany. A code issue vulnerability exists in Nextcloud server and Nextcloud Enterprise Server that stems from a locally running web service that can be discovered...

CVE-2022-36074

Nextcloud server is an open source personal cloud product. Affected versions of this package are vulnerable to Information Exposure which fails to strip the Authorization header on HTTP downgrade. This can lead to account access exposure and compromise. It is recommended that the Nextcloud Server...

CVE-2022-36075

Nextcloud files access control is a nextcloud app to manage access control for files. Users with limited access can see file names in certain cases where they do not have privilege to do so. This issue has been addressed and it is recommended that the Nextcloud Files Access Control app is upgrade...