137 matches found
Password disclosure in log file when providing incorrect additional data on initial setup of Mail App
None...
Nextcloud 代码问题漏洞
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A code issue vulnerability exists in Nextcloud Mail that stems from unrestricted access to minifier. An attacker could exploit this vulnerability to perfor...
PT-2022-20542 · Nextcloud · Nextcloud Mail
Name of the Vulnerable Software and Affected Versions: Nextcloud Mail versions prior to 1.12.1 Description: The issue affects Nextcloud Mail, an email application for the Nextcloud personal cloud product. In the event of a misconfiguration, affected versions of Nextcloud Mail would log user...
Design/Logic Flaw
Nextcloud mail is a Mail app for the Nextcloud home server product. Versions of Nextcloud mail prior to 1.12.2 were found to be missing user account ownership checks when performing tasks related to mail attachments. Attachments may have been exposed to incorrect system users. It is recommended...
CVE-2022-31131 Ownership check missing when updating or deleting mail attachments in Nextcloud mail
Nextcloud mail is a Mail app for the Nextcloud home server product. Versions of Nextcloud mail prior to 1.12.2 were found to be missing user account ownership checks when performing tasks related to mail attachments. Attachments may have been exposed to incorrect system users. It is recommended...
CVE-2022-31131 Ownership check missing when updating or deleting mail attachments in Nextcloud mail
Nextcloud mail is a Mail app for the Nextcloud home server product. Versions of Nextcloud mail prior to 1.12.2 were found to be missing user account ownership checks when performing tasks related to mail attachments. Attachments may have been exposed to incorrect system users. It is recommended...
Ownership check missing when updating or deleting mail attachments
None...
PT-2022-20551 · Nextcloud · Nextcloud Mail
Name of the Vulnerable Software and Affected Versions: Nextcloud mail versions prior to 1.12.2 Description: The issue concerns missing user account ownership checks when performing tasks related to mail attachments in Nextcloud mail, potentially exposing attachments to incorrect system users...
MAL-2022-4829 Malicious code in nextcloud-mail (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 49b707040d71b3da11b82122e52723a5f64ca6b9384db7ab5b48995623e258af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in nextcloud-mail (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 49b707040d71b3da11b82122e52723a5f64ca6b9384db7ab5b48995623e258af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2021-39220
Nextcloud is an open-source, self-hosted productivity platform The Nextcloud Mail application prior to versions 1.10.4 and 1.11.0 does by default not render images in emails to not leak the read state or user IP. The privacy filter failed to filter images with a relative protocol. It is recommend...
CVE-2021-39220 Bypass of image blocking in Nextcloud Mail
Nextcloud is an open-source, self-hosted productivity platform The Nextcloud Mail application prior to versions 1.10.4 and 1.11.0 does by default not render images in emails to not leak the read state or user IP. The privacy filter failed to filter images with a relative protocol. It is recommend...
Bypass of image blocking in Nextcloud Mail
None...
[ASA-202107-41] nextcloud-app-mail: information disclosure
Arch Linux Security Advisory ASA-202107-41 ========================================== Severity: Low Date : 2021-07-20 CVE-ID : CVE-2021-32707 Package : nextcloud-app-mail Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2145 Summary ======= The package...
CVE-2021-32707
Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a background-image CSS attribute. Note that the images were still passed...
CVE-2021-32707
Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a background-image CSS attribute. Note that the images were still passed...
Design/Logic Flaw
Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a background-image CSS attribute. Note that the images were still passed...
CVE-2021-32707 Bypass of image blocking in Nextcloud Mail
Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a background-image CSS attribute. Note that the images were still passed...
PT-2021-19873 · Nextcloud · Nextcloud Mail
Name of the Vulnerable Software and Affected Versions: Nextcloud Mail versions prior to 1.9.6 Description: The Nextcloud Mail application has an issue where the privacy filter fails to filter images with a background-image CSS attribute, potentially leaking the read state. However, images are sti...
Nextcloud Mail Access Control Error Vulnerability
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An access control error vulnerability exists in Nextcloud Mail that stems from a lack of permission checking in Nextcloud Mail.Nextcloud Mail version 1.9.5 an...