tobiasKaminsky

3 exploits Active since Jun 2021
CVE-2021-41166 WRITEUP MEDIUM WRITEUP
Nextcloud Android <3.17.1 - Info Disclosure
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions prior to 3.17.1 may lead to sensitive information disclosure. An unauthorized app that does not have the otherwise required `MANAGE_DOCUMENTS` permission may view image thumbnails for images it does not have permission to view. Version 3.17.1 contains a patch. There are no known workarounds.
CVSS 4.3
CVE-2021-32658 WRITEUP MEDIUM WRITEUP
Nextcloud Android <3.16.1 - Info Disclosure
Nextcloud Android is the Android client for the Nextcloud open source home cloud system. Due to a timeout issue the Android client may not properly clean all sensitive data on account removal. This could include sensitive key material such as the End-to-End encryption keys. It is recommended that the Nextcloud Android App is upgraded to 3.16.1
CVSS 4.7
CVE-2021-41166 WRITEUP MEDIUM WRITEUP
Nextcloud Android <3.17.1 - Info Disclosure
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions prior to 3.17.1 may lead to sensitive information disclosure. An unauthorized app that does not have the otherwise required `MANAGE_DOCUMENTS` permission may view image thumbnails for images it does not have permission to view. Version 3.17.1 contains a patch. There are no known workarounds.
CVSS 4.3