In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. This is fixed in 3.13.4.
History

Fri, 20 Sep 2024 23:00:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Nextcloud
Nextcloud desktop
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:nextcloud:desktop:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
Nextcloud
Nextcloud desktop
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}


Tue, 17 Sep 2024 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 16 Sep 2024 02:15:00 +0000

Type Values Removed Values Added
Description In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. This is fixed in 3.13.4.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-09-16T00:00:00

Updated: 2024-09-17T14:10:42.195Z

Reserved: 2024-09-16T00:00:00

Link: CVE-2024-46958

cve-icon Vulnrichment

Updated: 2024-09-17T14:10:25.482Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-16T02:15:01.803

Modified: 2024-09-20T22:41:38.223

Link: CVE-2024-46958

cve-icon Redhat

No data.