Unrated severityNVD Advisory· Published Apr 14, 2021· Updated Aug 3, 2024
CVE-2021-22879
CVE-2021-22879
Description
Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Nextcloud/Desktop Clientdescription
- Range: <3.1.3
- osv-coordsRange: < 3.1.3-lp152.2.6.1
Patches
Vulnerability mechanics
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTWBJAS5DJJIK7LLVBZZQTSJASUVIRVE/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202105-37mitrevendor-advisoryx_refsource_GENTOO
- github.com/nextcloud/desktop/pull/2906mitrex_refsource_MISC
- hackerone.com/reports/1078002mitrex_refsource_MISC
- nextcloud.com/security/advisory/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.