Lucene search
GoogleOSV:CVE-2021-22879HistoryApr 14, 2021 - 1:15 p.m.
CVE-2021-22879
2021-04-1413:15:13
Google
osv.dev
3
Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation.
| CPE | Name | Operator | Version |
|---|---|---|---|
| desktop | eq | 1.6.2-themefix | |
| desktop | eq | 1.6.0-beta1 | |
| desktop | eq | 1.6.1-rc1 | |
| desktop | eq | 1.8.0 | |
| desktop | eq | 3.1.0-rc1 | |
| desktop | eq | 1.7.0beta1 | |
| desktop | eq | 1.5.0 | |
| desktop | eq | 1.8.1-rc2 | |
| desktop | eq | 1.5.0-beta2 | |
| desktop | eq | 1.5.1-rc1 |
Related
openvas
openvas
Fedora: Security Advisory for nextcloud-client (FEDORA-2021-1ffffa0251)
2021-04-25 00:00:00
openSUSE: Security Advisory for nextcloud-desktop (openSUSE-SU-2021:0577-1)
2021-04-21 00:00:00
veracode
veracode
Injection Vulnerability
2021-05-09 16:43:35
prion
prion
Design/Logic Flaw
2021-04-14 13:15:00
nvd
nvd
CVE-2021-22879
2021-04-14 13:15:13
fedora
fedora
[SECURITY] Fedora 33 Update: nextcloud-client-3.1.3-1.fc33
2021-04-24 18:06:43
suse
suse
Security update for nextcloud-desktop (important)
2021-04-19 00:00:00
cve
cve
CVE-2021-22879
2021-04-14 13:15:13
nessus
nessus
openSUSE Security Update : nextcloud-desktop (openSUSE-2021-577)
2021-05-18 00:00:00
gentoo
gentoo
Nextcloud Desktop Client: User-assisted execution of arbitrary code
2021-05-26 00:00:00
ubuntucve
ubuntucve
CVE-2021-22879
2021-04-14 00:00:00
hackerone
hackerone
Nextcloud: Nextcloud Desktop Client RCE via malicious URI schemes
2021-01-13 17:29:19
nextcloud
nextcloud
debiancve
debiancve
CVE-2021-22879
2021-04-14 13:15:13
cvelist
cvelist
CVE-2021-22879
2021-04-14 12:41:24
thn
thn
1-Click Hack Found in Popular Desktop Apps — Check If You're Using Them
2021-04-15 11:09:00