ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution.
References
Configurations
History
15 Aug 2022, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Aug 2022, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
21 Jan 2022, 19:26
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://owncloud.com/security-advisories/cve-2021-44537/ - Vendor Advisory | |
CPE | cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:* | |
CWE | CWE-74 | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
15 Jan 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-15 21:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-44537
Mitre link : CVE-2021-44537
CVE.ORG link : CVE-2021-44537
JSON object : View
Products Affected
fedoraproject
- fedora
owncloud
- owncloud_desktop_client
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')