CVE-2019-5452

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-5452

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-5452.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-5452

Published

2019-07-30T21:15:11Z

Modified

2024-11-21T04:44:57Z

Severity

2.4 (Low) CVSS_V3 - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved.

References

https://hackerone.com/reports/534541

Affected packages

Git / github.com/nextcloud/android

Affected ranges

Type: GIT
Repo: https://github.com/nextcloud/android
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

305db4b82de8a5cb247cdd6bfa189e2a59b54ac5

Type: GIT
Repo: https://github.com/nextcloud/desktop
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

2a703f26b7f77451ad157fcaa215d7e99a4b4015