Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Access to internal files of the Nextcloud Android app
Vulnerability Description
Nextcloud android is the official Android client for the Nextcloud home server platform. Internal paths to the Nextcloud Android app files are not properly protected. As a result access to internal files of the from within the Nextcloud Android app is possible. This may lead to a leak of sensitive information in some cases. It is recommended that the Nextcloud Android app is upgraded to 3.21.0. There are no known workarounds for this issue.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Nextcloud Android app 路径遍历漏洞
Vulnerability Description
Nextcloud Android app是德国Nextcloud公司的一款基于Android平台,用于访问Nextcloud服务器的移动应用程序。 Nextcloud Android app 3.21.0之前版本存在路径遍历漏洞,该漏洞源于应用程序文件的内部路径未得到适当保护,因此可以从应用程序中访问内部文件,在某些情况下,这可能会导致敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A