Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nextcloud Talk Android broadcast incorrect permission handling
Vulnerability Description
Nextcould talk android is the android OS implementation of the nextcloud talk chat system. In affected versions the receiver is not protected by broadcastPermission allowing malicious apps to monitor communication. It is recommended that the Nextcloud Talk Android is upgraded to 14.1.0. There are no known workarounds for this issue.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Nextcloud Talk 安全漏洞
Vulnerability Description
Nextcloud Talk是德国Nextcloud公司的一款自托管的本地音频/视频和聊天通信服务。 Nextcloud Talk 14.1.0之前版本存在安全漏洞,该漏洞源于接收器不受broadcastPermission的保护,允许恶意应用程序监控通信。
CVSS Information
N/A
Vulnerability Type
N/A