VYPR

Ios App

by OwnCloud

Source repositories

CVEs (4)

  • CVE-2023-3615Jul 17, 2023
    risk 0.00cvss epss 0.00

    Mattermost iOS app fails to properly validate the server certificate while initializing the TLS connection allowing a network attacker to intercept the WebSockets connection.

  • CVE-2019-15614Feb 4, 2020
    risk 0.00cvss epss 0.01

    Missing sanitization in the iOS App 2.24.4 causes an XSS when opening malicious HTML files.

  • CVE-2019-15611Feb 4, 2020
    risk 0.00cvss epss 0.01

    Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications.

  • CVE-2015-5955Oct 29, 2015
    risk 0.00cvss epss 0.01

    ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which might allow remote instance administrators to obtain sensitive credential and cookie information by reading authentication headers.