Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Malicious Android app could access Shared Preferences of the Nextcloud Android client
Vulnerability Description
Nextcloud Android app is the Android client for Nextcloud. In versions prior to 3.16.1, a malicious app on the same device could have gotten access to the shared preferences of the Nextcloud Android application. This required user-interaction as a victim had to initiate the sharing flow and choose the malicious app. The shared preferences contain some limited private data such as push tokens and the account name. The vulnerability is patched in version 3.16.1.
CVSS Information
CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
信息暴露
Vulnerability Title
Nextcloud Android app 信息泄露漏洞
Vulnerability Description
Nextcloud Android app是德国Nextcloud公司的一款基于Android平台,用于访问Nextcloud服务器的移动应用程序。 Nextcloud Android app存在信息泄露漏洞,该漏洞源于同一设备上的恶意应用程序可以访问Nextcloud Android app的共享首选项。
CVSS Information
N/A
Vulnerability Type
N/A