VYPR

Nextcloud Desktop Client

by Nextcloud

Source repositories

CVEs (22)

  • CVE-2021-22895MedJun 11, 2021
    risk 0.00cvss 5.9epss 0.01

    Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.

  • CVE-2021-22879HigApr 14, 2021
    risk 0.00cvss 8.8epss 0.05

    Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation.

Page 2 of 2