CVE-2024-46958
Publication date 16 September 2024
Last updated 16 September 2024
Ubuntu priority
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. This is fixed in 3.13.4.
Status
Package | Ubuntu Release | Status |
---|---|---|
nextcloud-desktop | 24.04 LTS noble |
Needs evaluation
|
22.04 LTS jammy |
Needs evaluation
|
|
20.04 LTS focal |
Needs evaluation
|
References
Other references
- https://www.cve.org/CVERecord?id=CVE-2024-46958
- https://github.com/nextcloud/desktop/issues/6863
- https://github.com/nextcloud/desktop/pull/7092
- https://github.com/nextcloud/desktop/pull/6949
- https://github.com/nextcloud/desktop/compare/v3.13.3...v3.13.4
- https://github.com/nextcloud/security-advisories/security/advisories