Nextcloud Desktop 3.7.4 Release Candidate 1

CPE Details

Nextcloud Desktop 3.7.4 Release Candidate 1
nextcloud
desktop
3.7.4
2023-04-07
14h13 +00:00
2023-04-07
18h16 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:nextcloud:desktop:3.7.4:rc1:*:*:*:*:*:*

Informations

Vendor

nextcloud

Product

desktop

Version

3.7.4

Update

rc1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-37885 2024-06-14 15h42 +00:00 The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the Nextcloud Desktop client is upgraded to 3.12.0.
7.8
High
CVE-2023-28999 2023-04-04 12h51 +00:00 Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure and add new files.​ This issue is fixed in Nextcloud Desktop 3.8.0, Nextcloud Android 3.25.0, and Nextcloud iOS 4.8.0. No known workarounds are available.
6.9
Medium