Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.0, sensitive tokens, images, and user related details exist after deletion of a user account. This could result in misuse of the former account holder's information. Nextcloud Android version 3.19.0 contains a patch for this issue. There are no known workarounds available.
References
Link | Resource |
---|---|
https://github.com/nextcloud/android/pull/9644 | Issue Tracking Patch Third Party Advisory |
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-xcj9-3jch-qr2r | Issue Tracking Third Party Advisory |
https://hackerone.com/reports/1222873 | Exploit Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2022-05-20T15:55:10
Updated: 2022-05-20T15:55:10
Reserved: 2022-04-13T00:00:00
Link: CVE-2022-29160
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-05-20T16:15:09.350
Modified: 2023-07-21T16:42:32.157
Link: CVE-2022-29160
JSON object: View
Redhat Information
No data.