Desktop@* Security Vulnerabilities and Issues — Desktop@* CVE List

Lucene search

NextcloudDesktop*

3 matches found

CVE•added 2021/04/14 1:15 p.m.•186 views

CVE-2021-22879

Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation.

8.8CVSS8.6AI score0.0101EPSS

CVE•added 2021/08/18 4:15 p.m.•88 views

CVE-2021-32728

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.3.0, the Nextcloud Desktop client fails to check if a private ...

6.5CVSS6.1AI score0.0045EPSS

CVE•added 2021/06/11 4:15 p.m.•63 views

CVE-2021-22895

Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.

5.9CVSS5.8AI score0.00364EPSS