VYPR

talk-android

by Nextcloud

CVEs (6)

  • CVE-2023-39957HigAug 10, 2023
    risk 0.00cvss 7.8epss 0.00

    Nextcloud Talk Android allows users to place video and audio calls through Nextcloud on Android. Prior to version 17.0.0, an unprotected intend allowed malicious third party apps to trick the Talk Android app into writing files outside of its intended cache directory. Nextcloud…

  • CVE-2023-22473LowJan 9, 2023
    risk 0.00cvss 2.1epss 0.01

    Talk-Android enables users to have video & audio calls through Nextcloud on Android. Due to passcode bypass, an attacker is able to access the user's Nextcloud files and view conversations. To exploit this the attacker needs to have physical access to the target's device. There…

  • CVE-2022-41971MedDec 1, 2022
    risk 0.00cvss 4.8epss 0.01

    Nextcould Talk android is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.8, 13.0.10, 14.0.6, and 15.0.0, guests can continue to receive video streams from a call after being removed from a conversation. An attacker would be able to see videos on a call…

  • CVE-2022-41926LowNov 25, 2022
    risk 0.00cvss 3.3epss 0.00

    Nextcould talk android is the android OS implementation of the nextcloud talk chat system. In affected versions the receiver is not protected by broadcastPermission allowing malicious apps to monitor communication. It is recommended that the Nextcloud Talk Android is upgraded to…

  • CVE-2021-41166MedJan 26, 2022
    risk 0.00cvss 4.3epss 0.01

    The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions prior to 3.17.1 may lead to sensitive information disclosure. An unauthorized app that does not have the otherwise required `MANAGE_DOCUMENTS` permission may…

  • CVE-2021-43863HigJan 25, 2022
    risk 0.00cvss 7.5epss 0.02

    The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcloud Android app uses content providers to manage its data. Prior to version 3.18.1, the providers `FileContentProvider` and `DiskLruImageCacheFileProvider` have security…