Summary: | <net-misc/nextcloud-client-3.1.3: missing URL validation allowed RCE for the server on the desktop client (CVE-2021-22879) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | voyageur |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://nextcloud.com/security/advisory/?id=NC-SA-2021-008 | ||
Whiteboard: | B2 [cve glsa+] | ||
Package list: |
net-misc/nextcloud-client-3.1.3
|
Runtime testing required: | --- |
Description
John Helmert III
2021-04-18 00:05:06 UTC
Unable to check for sanity:
> no match for package: net-misc/nextcloud-desktop-3.1.3
All sanity-check issues have been resolved New GLSA request filed. x86 stable This issue was resolved and addressed in GLSA 202105-37 at https://security.gentoo.org/glsa/202105-37 by GLSA coordinator Thomas Deutschmann (whissi). Re-opening for remaining architecture. amd64 stable |