CVE-2024-46958

In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. This is fixed in 3.13.4.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:nextcloud:desktop:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

20 Sep 2024, 22:41

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.1
CPE cpe:2.3:a:nextcloud:desktop:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
References () https://github.com/nextcloud/desktop/compare/v3.13.3...v3.13.4 - () https://github.com/nextcloud/desktop/compare/v3.13.3...v3.13.4 - Patch
References () https://github.com/nextcloud/desktop/issues/6863 - () https://github.com/nextcloud/desktop/issues/6863 - Issue Tracking
References () https://github.com/nextcloud/desktop/pull/6949 - () https://github.com/nextcloud/desktop/pull/6949 - Issue Tracking
References () https://github.com/nextcloud/desktop/pull/7092 - () https://github.com/nextcloud/desktop/pull/7092 - Patch
References () https://github.com/nextcloud/security-advisories/security/advisories - () https://github.com/nextcloud/security-advisories/security/advisories - Third Party Advisory
CWE NVD-CWE-noinfo
First Time Nextcloud desktop
Linux linux Kernel
Nextcloud
Linux

16 Sep 2024, 15:30

Type Values Removed Values Added
Summary
  • (es) En Nextcloud Desktop Client 3.13.1 a 3.13.3 en Linux, los archivos sincronizados (entre el servidor y el cliente) pueden volverse legibles o modificables por todos. Esto se solucionó en 3.13.4.

16 Sep 2024, 02:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-16 02:15

Updated : 2024-09-20 22:41


NVD link : CVE-2024-46958

Mitre link : CVE-2024-46958

CVE.ORG link : CVE-2024-46958


JSON object : View

Products Affected

linux

  • linux_kernel

nextcloud

  • desktop