VYPR
Unrated severityNVD Advisory· Published Jan 18, 2024· Updated Jun 2, 2025

Permissions bypass in Nextcloud with the files zip app

CVE-2024-22404

Description

Nextcloud files Zip app is a tool to create zip archives from one or multiple files from within Nextcloud. In affected versions users can download "view-only" files by zipping the complete folder. It is recommended that the Files ZIP app is upgraded to 1.2.1, 1.4.1, or 1.5.0. Users unable to upgrade should disable the file zip app.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: before 1.2.1, 1.4.1, or 1.5.0
  • nextcloud/security-advisoriesv5
    Range: >= 1.2.0, < 1.2.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.