Unrated severityNVD Advisory· Published Jun 11, 2021· Updated Aug 3, 2024
CVE-2021-22895
CVE-2021-22895
Description
Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Nextcloud/Desktop Clientdescription
- Range: <3.3.1
Patches
Vulnerability mechanics
References
5- www.debian.org/security/2021/dsa-4974mitrevendor-advisoryx_refsource_DEBIAN
- github.com/nextcloud/desktop/pull/2926mitrex_refsource_MISC
- github.com/nextcloud/desktop/releases/tag/v3.1.3mitrex_refsource_MISC
- github.com/nextcloud/security-advisories/security/advisories/GHSA-qpgp-vf4p-wcw5mitrex_refsource_MISC
- hackerone.com/reports/903424mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.