Nextcloud Talk 17.0.0 Release Candidate 1 for Android

CPE Details

Nextcloud Talk 17.0.0 Release Candidate 1 for Android
nextcloud
talk
17.0.0
2023-08-16
16h50 +00:00
2023-08-18
15h26 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:nextcloud:talk:17.0.0:rc1:*:*:*:android:*:*

Informations

Vendor

nextcloud

Product

talk

Version

17.0.0

Update

rc1

Target Software

android

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-45149 2023-10-16 19h03 +00:00 Nextcloud talk is a chat module for the Nextcloud server platform. In affected versions brute force protection of public talk conversation passwords can be bypassed, as there was an endpoint validating the conversation password without registering bruteforce attempts. It is recommended that the Nextcloud Talk app is upgraded to 15.0.8, 16.0.6 or 17.1.1. There are no known workarounds for this vulnerability.
4.3
Moyen
CVE-2023-39957 2023-08-10 15h04 +00:00 Nextcloud Talk Android allows users to place video and audio calls through Nextcloud on Android. Prior to version 17.0.0, an unprotected intend allowed malicious third party apps to trick the Talk Android app into writing files outside of its intended cache directory. Nextcloud Talk Android version 17.0.0 has a patch for this issue. No known workarounds are available.
7.8
Haute