CVE-2021-39220 log

Severity Low
Remote Yes
Type Information disclosure
The Nextcloud Mail application prior to versions 1.10.4 and 1.11.0 does by default not render images in emails to not leak the read state or user IP. The privacy filter failed to filter images with a relative protocol.
Group Package Affected Fixed Severity Status Ticket
AVG-2495 nextcloud-app-mail 1.10.1-1 1.10.5-1 Low Fixed