nextcloud-client
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | Nextcloud desktop client |
Version | 2:3.15.2-1 [extra] |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-2025 | 3.1.2-1 | 3.1.3-1 | Medium | Fixed | |
AVG-1810 | 3.1.2-1 | 3.1.3-1 | Medium | Fixed |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2021-22895 | AVG-2025 | Medium | Yes | Certificate verification bypass | Nextcloud Desktop Client before 3.1.3 wasn't verifying the SSL certificates when using the "Register with a Provider" flow. |
CVE-2021-22879 | AVG-1810 | Medium | Yes | Arbitrary code execution | Missing validation of URLs in Nextcloud Desktop Client 3.1.2 and earlier allowed a malicious server to execute code on the client. User interaction was required. |