nextcloud-desktop is vulnerable to Improper Certificate Validation. Trusting the server to return a users keypair certificate, allows a malicious server to encrypt user files with a key known to the attacker causing improper certificate validation.
CPE | Name | Operator | Version |
---|---|---|---|
nextcloud-desktop:sid | eq | 3.1.1-1 | |
nextcloud-desktop:sid | eq | 3.0.1-3 | |
nextcloud-desktop:sid | eq | 3.1.1-1 | |
nextcloud-desktop:sid | eq | 3.0.1-3 |