3 matches found
org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class
A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service...
MGASA-2021-0421 Updated nextcloud-client packages fix security vulnerability
Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow. CVE-2021-22895 In versions prior to 3.3.0, the Nextcloud Desktop client fails to check if a private key belongs to...
UBUNTU-CVE-2021-32728
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.3.0, the Nextcloud Desktop client fails to check if a privat...